urlscan.io logo urlscan.io
SecurityTrails logo

justthenews.com Open in urlscan Pro
2620:12a:8001::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Submission: On February 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 8 countries across 83 domains to perform 227 HTTP transactions. The main IP is 2620:12a:8001::3, located in United States and belongs to FASTLY, US. The main domain is justthenews.com. The Cisco Umbrella rank of the primary domain is 122125.
TLS certificate: Issued by R3 on January 21st 2022. Valid for: 3 months.
This is the only time justthenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2620:12a:8001::3 54113 (FASTLY)
7 18.66.248.53 16509 (AMAZON-02)
1 18.66.112.83 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:9000:225... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 151.101.66.132 54113 (FASTLY)
4 142.250.184.226 15169 (GOOGLE)
8 108.156.255.177 16509 (AMAZON-02)
3 18.66.112.111 16509 (AMAZON-02)
4 2.18.234.190 16625 (AKAMAI-AS)
5 18.235.17.58 14618 (AMAZON-AES)
2 18.185.192.100 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::69 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2.18.233.56 16625 (AKAMAI-AS)
2 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
5 23.22.109.72 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.231.0.153 14618 (AMAZON-AES)
1 23.58.216.21 16625 (AKAMAI-AS)
2 3 104.92.74.8 16625 (AKAMAI-AS)
2 54.186.23.98 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 16 18.203.130.18 16509 (AMAZON-02)
2 67.202.105.24 32748 (STEADFAST)
1 51.89.9.252 16276 (OVH)
2 185.86.137.121 201081 (SMARTADSE...)
2 12 2.18.234.21 16625 (AKAMAI-AS)
2 2 185.33.223.38 29990 (ASN-APPNEX)
8 52.19.2.69 16509 (AMAZON-02)
2 3 216.52.2.48 30282 (AS-INAPCD...)
6 7 213.19.147.45 3356 (LEVEL3)
4 5 3.33.220.150 16509 (AMAZON-02)
1 54.177.241.193 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 147.75.38.124 54825 (PACKET)
2 2 3.126.56.137 16509 (AMAZON-02)
1 52.222.236.42 16509 (AMAZON-02)
1 108.157.4.74 16509 (AMAZON-02)
10 2.16.186.139 20940 (AKAMAI-ASN1)
2 2600:9000:223... 16509 (AMAZON-02)
1 52.205.96.140 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.33.221.15 29990 (ASN-APPNEX)
5 5 18.194.56.109 16509 (AMAZON-02)
4 4 34.243.37.252 16509 (AMAZON-02)
3 7 64.202.112.127 23352 (SERVERCEN...)
2 2 3.124.70.84 16509 (AMAZON-02)
2 2 34.98.64.218 15169 (GOOGLE)
1 1 44.193.191.16 14618 (AMAZON-AES)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.210.154.62 14618 (AMAZON-AES)
1 150.136.222.2 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 64.202.112.255 22075 (AS-OUTBRAIN)
1 1 104.111.215.191 16625 (AKAMAI-AS)
2 2 34.255.38.72 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 3 54.73.209.201 16509 (AMAZON-02)
3 185.86.138.114 201081 (SMARTADSE...)
1 2600:9000:224... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 2 209.54.176.128 16509 (AMAZON-02)
2 4 172.217.16.130 15169 (GOOGLE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 44.238.135.153 16509 (AMAZON-02)
3 4 151.101.130.49 54113 (FASTLY)
2 3 104.111.242.53 16625 (AKAMAI-AS)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 1 185.29.132.241 30419 (MEDIAMATH...)
3 2.18.233.180 16625 (AKAMAI-AS)
4 104.89.20.125 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.186.249.84 15169 (GOOGLE)
1 52.222.214.123 16509 (AMAZON-02)
2 18.66.248.26 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
6 213.19.147.42 26120 (RHYTHMONE)
1 18.66.112.41 16509 (AMAZON-02)
1 52.222.188.32 16509 (AMAZON-02)
1 151.101.114.132 54113 (FASTLY)
1 44.228.63.192 16509 (AMAZON-02)
1 89.187.169.47 60068 (CDN77 ^_^)
1 2600:9000:218... 16509 (AMAZON-02)
2 23.37.38.181 16625 (AKAMAI-AS)
2 204.237.133.116 62713 (AS-PUBMATIC)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 34.230.197.238 14618 (AMAZON-AES)
1 34.240.176.29 16509 (AMAZON-02)
1 1 54.205.198.81 14618 (AMAZON-AES)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 18.208.85.173 14618 (AMAZON-AES)
2 69.173.144.139 26667 (RUBICONPR...)
1 69.173.144.165 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 8.43.72.98 26667 (RUBICONPR...)
1 151.101.66.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 51.89.21.21 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.5.186.197 14618 (AMAZON-AES)
227 91
16    2620:12a:8001::3 (United States)

ASN54113 (FASTLY, US)
justthenews.com
7    18.66.248.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-53.dus51.r.cloudfront.net
cdn.privacy-mgmt.com
1    18.66.112.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-83.fra56.r.cloudfront.net
ccpa.sp-prod.net
4    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:9000:2251:2600:0:bed9:b980:93a1 (United States)

ASN16509 (AMAZON-02, US)
01.cdn.mediatradecraft.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
8    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net
c.amazon-adsystem.com
3    18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net
js.stripe.com
4    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    18.235.17.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-17-58.compute-1.amazonaws.com
prd-collector-anon.ex.co
2    18.185.192.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-192-100.eu-central-1.compute.amazonaws.com
message.sp-prod.net
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2620:1ec:bdf::69 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
1    2.18.233.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-56.deploy.static.akamaitechnologies.com
cdn.playbuzz.com
2    2a02:26f0:12d:4ab::2c79 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
5    23.22.109.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-109-72.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.231.0.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-0-153.compute-1.amazonaws.com
ccpa-service.sp-prod.net
1    23.58.216.21 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-21.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
3    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
secure-assets.rubiconproject.com
2    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
16    18.203.130.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
12    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
2    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    52.19.2.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
7    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    54.177.241.193 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-241-193.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.222.236.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-42.fra56.r.cloudfront.net
ob.cheqzone.com
1    108.157.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-74.dus51.r.cloudfront.net
ats.rlcdn.com
10    2.16.186.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-139.deploy.static.akamaitechnologies.com
mcd.ex.co
2    2600:9000:223e:5200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    52.205.96.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-96-140.compute-1.amazonaws.com
premiumsrv.aniview.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
5    18.194.56.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    34.243.37.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com
ads.avct.cloud
7    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    3.124.70.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-70-84.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2a05:d018:d29:3605:5da:b029:1b25:7ea6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    54.210.154.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-154-62.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.222.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.255.38.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-38-72.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    54.73.209.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-209-201.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:224a:1200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    44.238.135.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-135-153.us-west-2.compute.amazonaws.com
dmp.brand-display.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.44 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com
sulkycook.com
1    52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net
get.s-onetag.com
2    18.66.248.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-26.dus51.r.cloudfront.net
geo.privacymanager.io
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.targeting.unrulymedia.com
tag.1rx.io
1    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    52.222.188.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-188-32.ham50.r.cloudfront.net
signal-beacon.s-onetag.com
1    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    44.228.63.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-63-192.us-west-2.compute.amazonaws.com
m.stripe.com
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cheqzone.b-cdn.net
1    2600:9000:218f:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    204.237.133.116 (Philadelphia, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.230.197.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-197-238.compute-1.amazonaws.com
rtb.adentifi.com
1    34.240.176.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-176-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com
sync.extend.tv
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    18.208.85.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-85-173.compute-1.amazonaws.com
sync.aniview.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.5.186.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-186-197.compute-1.amazonaws.com
track1.aniview.com
Apex Domain
Subdomains		 Transfer
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com — Cisco Umbrella Rank: 1288
5 KB
16 ex.co
player.ex.co — Cisco Umbrella Rank: 10546
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8539
mcd.ex.co — Cisco Umbrella Rank: 10432
1 MB
16 justthenews.com
justthenews.com — Cisco Umbrella Rank: 122125
330 KB
13 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
htlb.casalemedia.com — Cisco Umbrella Rank: 461
15 KB
11 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4925
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
150 KB
10 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1659
sync.outbrain.com — Cisco Umbrella Rank: 758
odb.outbrain.com — Cisco Umbrella Rank: 1495
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6021
93 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
45 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
207 KB
9 servenobid.com
public.servenobid.com — Cisco Umbrella Rank: 3540
ads.servenobid.com — Cisco Umbrella Rank: 1823
7 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
153 KB
8 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
premiumsrv.aniview.com — Cisco Umbrella Rank: 11372
sync.aniview.com — Cisco Umbrella Rank: 2703
200 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
tag.1rx.io — Cisco Umbrella Rank: 1334
3 KB
7 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 5382
135 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8400
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
906 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1143
q.stripe.com — Cisco Umbrella Rank: 7622
m.stripe.com — Cisco Umbrella Rank: 1086
76 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
18 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
2 KB
5 sp-prod.net
ccpa.sp-prod.net — Cisco Umbrella Rank: 8988
message.sp-prod.net — Cisco Umbrella Rank: 18452
ccpa-service.sp-prod.net — Cisco Umbrella Rank: 13846
20 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
4 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3163
2 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
3 KB
4 mediatradecraft.com
01.cdn.mediatradecraft.com — Cisco Umbrella Rank: 97153
41 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
180 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4566
22 KB
3 sulkycook.com
sulkycook.com — Cisco Umbrella Rank: 133346
27 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7290
obs.cheqzone.com — Cisco Umbrella Rank: 4818
22 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 816
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
134 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4221
log.outbrainimg.com — Cisco Umbrella Rank: 2231
1 KB
3 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9046
atrack.avplayer.com — Cisco Umbrella Rank: 10118
71 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
424 B
2 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
695 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1872
id5-sync.com — Cisco Umbrella Rank: 596
11 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
619 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
427 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1218
16 KB
2 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2343
ssc-cms.33across.com — Cisco Umbrella Rank: 877
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
17 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
1 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 348
711 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 367
14 KB
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
408 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
482 B
1 b-cdn.net
cheqzone.b-cdn.net — Cisco Umbrella Rank: 36733
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5557
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 13
501 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
685 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
656 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1929
261 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
299 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2705
17 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
513 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
240 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
383 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
428 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
612 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1554
36 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
309 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
478 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
749 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
428 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
814 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 playbuzz.com
cdn.playbuzz.com — Cisco Umbrella Rank: 19349
46 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
53 KB
227 83
Domain Requested by
16 justthenews.com justthenews.com
cdn.privacy-mgmt.com
15 rtb.gumgum.com 1 redirects public.servenobid.com
g2.gumgum.com
10 mcd.ex.co player.avplayer.com
10 pagead2.googlesyndication.com justthenews.com
pagead2.googlesyndication.com
srcdoc
imasdk.googleapis.com
8 ads.servenobid.com public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
8 c.amazon-adsystem.com justthenews.com
c.amazon-adsystem.com
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
7 cdn.privacy-mgmt.com justthenews.com
cdn.privacy-mgmt.com
5 imasdk.googleapis.com player.aniview.com
5 x.bidswitch.net 5 redirects
5 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
5 sync.1rx.io 5 redirects
5 prd-collector-anon.ex.co player.ex.co
4 tag.targeting.unrulymedia.com player.aniview.com
4 eus.rubiconproject.com g2.gumgum.com
player.aniview.com
eus.rubiconproject.com
4 sync-tm.everesttech.net 3 redirects g2.gumgum.com
4 cm.g.doubleclick.net 2 redirects ssum-sec.casalemedia.com
g2.gumgum.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 ads.avct.cloud 4 redirects
4 track1.aniview.com justthenews.com
player.aniview.com
4 01.cdn.mediatradecraft.com justthenews.com
01.cdn.mediatradecraft.com
4 cdnjs.cloudflare.com justthenews.com
cdnjs.cloudflare.com
3 sulkycook.com justthenews.com
sulkycook.com
3 ads.pubmatic.com g2.gumgum.com
player.aniview.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 match.prod.bidr.io 3 redirects
3 ce.lijit.com 2 redirects player.aniview.com
3 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 widgets.outbrain.com justthenews.com
3 js.stripe.com justthenews.com
js.stripe.com
3 securepubads.g.doubleclick.net justthenews.com
securepubads.g.doubleclick.net
2 token.rubiconproject.com g2.gumgum.com
eus.rubiconproject.com
2 hbopenbid.pubmatic.com player.aniview.com
2 tag.1rx.io player.aniview.com
2 htlb.casalemedia.com player.aniview.com
2 log.outbrainimg.com widgets.outbrain.com
2 www.facebook.com justthenews.com
2 geo.privacymanager.io ats.rlcdn.com
2 creativecdn.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 obs.cheqzone.com ob.cheqzone.com
justthenews.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum.casalemedia.com
2 us-u.openx.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 ups.analytics.yahoo.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects g2.gumgum.com
2 ib.adnxs.com 2 redirects
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 q.stripe.com justthenews.com
2 ccpa-service.sp-prod.net ccpa.sp-prod.net
2 atrack.avplayer.com justthenews.com
2 player.aniview.com player.ex.co
player.aniview.com
2 message.sp-prod.net ccpa.sp-prod.net
1 s0.2mdn.net imasdk.googleapis.com
1 js-sec.indexww.com player.aniview.com
1 id5-sync.com player.aniview.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com justthenews.com
1 pixel-us-east.rubiconproject.com justthenews.com
1 pixel.rubiconproject.com g2.gumgum.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 sync.aniview.com ssum.casalemedia.com
1 cm.adgrx.com ssum.casalemedia.com
1 sync.extend.tv 1 redirects
1 dpm.demdex.net ssum.casalemedia.com
1 rtb.adentifi.com ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 static.adsafeprotected.com justthenews.com
1 cheqzone.b-cdn.net ob.cheqzone.com
1 m.stripe.com m.stripe.network
1 odb.outbrain.com widgets.outbrain.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ssum.casalemedia.com player.aniview.com
1 get.s-onetag.com 01.cdn.mediatradecraft.com
1 www.google.de justthenews.com
1 www.google.com justthenews.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 ssc-cms.33across.com g2.gumgum.com
1 sync.mathtag.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 cdn.id5-sync.com justthenews.com
1 secure.cdn.fastclick.net justthenews.com
1 pixel.quantserve.com 1 redirects
1 s.ad.smaato.net ssbsync.smartadserver.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 premiumsrv.aniview.com player.aniview.com
1 ats.rlcdn.com 01.cdn.mediatradecraft.com
1 ob.cheqzone.com widgets.outbrain.com
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 micro.rubiconproject.com 01.cdn.mediatradecraft.com
1 widget-pixels.outbrain.com justthenews.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.playbuzz.com justthenews.com
1 player.avplayer.com player.ex.co
1 fonts.googleapis.com client
1 public.servenobid.com justthenews.com
1 www.googletagmanager.com justthenews.com
1 player.ex.co justthenews.com
1 ccpa.sp-prod.net justthenews.com
227 124
Subject Issuer Validity Valid
justthenews.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.privacy-mgmt.com
R3		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.sp-prod.net
R3		 2021-12-31 -
2022-03-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
01.cdn.mediatradecraft.com
Amazon		 2021-08-23 -
2022-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-01-26 -
2022-05-04		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.playbuzz.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-13 -
2022-05-13		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-16 -
2022-02-14		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.cheqzone.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
obs.cheqzone.com
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
sulkycook.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-11 -
2022-05-04		 4 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Frame ID: AE8C9B84429ADCE07EC2BECD3DAC296C
Requests: 129 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Frame ID: 77C5EA883964CEDAB9CE7BEA4A9369D1
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: CD9346B46874E2C423E57F60AB2B1CA8
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Frame ID: CE0D6177F66DB4F7BE81DFC472415146
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: 64DA30DAB05472B080D5EF881DA39875
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 8435D20AE97D394E49AB2789A91B1EAA
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: A6189DC858D8B7B097723109CE35FA2F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 2567B8220D3AC463CBB8385F42B9EEF1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 29150D97C8660DA43E3CA8B7EA5B9163
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 261C28212EA72DAF649D46018736FA40
Requests: 10 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
Frame ID: 2C2019BDBB54E7FDB7D884264B1ACFAF
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6065DE55CAEB6B9482EE098681ADF25F
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=0dc06201-3184-4f00-b108-4b76753dd148&gdpr=0&gdpr_consent=
Frame ID: 7A3F863AAE24DE347811D72A37CB55CA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YgExhQAEcfWcIwBB
Frame ID: B4293AF2B8F203F9212CE23D606FE9C9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: 4C8D812C9B88D890D6059B70E43E8AC6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 1C0A6C54A73AA1DE7FDC70D1E9B78975
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: E02B8BE76B72007FF8062A2E988B38E9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=0710b751-6540-4829-b553-19f3ac610e33&t=1646837380
Frame ID: D8BCA6D4C093079ED587C6E60DC1CCBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B0000D8C86047E0D6F0132A2DDEB06BF
Requests: 4 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 459F50DF0C528707FC24D103D316958D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YgExhcCo8YUAAC8YSIkAAAAA
Frame ID: 151ED8C78EA56351AD3B9750E399DCC1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=e8iKZ22KyF5NlGP0S2Rc&pi=gumgum&tc=1
Frame ID: BEC8BDC4906DA57CF01BECCEC0FC7011
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D1%26key%3D
Frame ID: E324B6E8B3DA1659CDBD992576BF83B6
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Frame ID: FB0D2E43FD3BF743A859F68C0D00B56C
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: FD8904D3240229F6A9911EE30C00C7C1
Requests: 4 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1644245380973-947365533244-006081-012-004056&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 196B205BBA79AC20BC769EAEF5C2C9F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F0D101C71ED343C721C3648C658B5B97
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D3BD5C6F656A52658EEB0899869BB3BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901&us_privacy=1---
Frame ID: EE8BD7A042E5C22F8EC433885C9BE8ED
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&d=https://justthenews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 23793B0DAAFA4EFE76BEAB5350C4C4CC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: FCD28E40585643CDA6D47CB1F0A9CD23
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: FDD80027DCD808831765FB8188A91F03
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 91FADDAD4292DBE5F00D0429251029B5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 9E539CA622D958B9BE1002A3A49EEC20
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D5924C97177BA85A94992C8FA269F2A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 60252F0185B580785BB8A1ADCFC28A06
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D6CE7EB5C1B7A6FE8A45DDCD62BFB6DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E79F82EAEB05C12DF91B848826AE1C71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Biden family received $31 million from businessmen tied to Chinese intelligence, book reveals, | Just The News

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

227
Requests

87 %
HTTPS

22 %
IPv6

83
Domains

124
Subdomains

91
IPs

8
Countries

4313 kB
Transfer

11123 kB
Size

89
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 67
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4820658710785878206
Request Chain 68
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=4d62000023bb361b3151333a
Request Chain 69
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1644245380614 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5443624994 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5443624994 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0710b751-6540-4829-b553-19f3ac610e33 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
Request Chain 71
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210819713131212
Request Chain 73
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=b31ab47e-3c22-4d2b-bdc1-b51f333e2421&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 74
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-oJjabOtE2uEiyjHqJt25A3Ks47lwKtZO3Ii5yvE-~A
Request Chain 91
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4820658710785878206
Request Chain 92
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f8c3d737-f922-4081-87e5-6acd8e1b8c7a&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=2df4b741-9ab0-4f7f-8881-dbad0b8058a7
Request Chain 93
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Dm14RZeZKsUDEDslaiooS64IP9dUYr9EaxoZqp8ca_h92aFhPnN_cs44-o-Mf_w1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Dm14RZeZKsUDEDslaiooS64IP9dUYr9EaxoZqp8ca_h92aFhPnN_cs44-o-Mf_w1%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_779e695b-d39f-40f6-80d7-3daae10fc387&obuid=ENC(Dm14RZeZKsUDEDslaiooS64IP9dUYr9EaxoZqp8ca_h92aFhPnN_cs44-o-Mf_w1) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=$D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
Request Chain 94
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=97104fd0-1a9a-482b-b803-e4d0e0940387
Request Chain 95
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-f48fa236-a52d-4553-631d-b1943de0ce89$ip$217.64.151.5
Request Chain 96
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-NOFexzhE2pdIS5iTZ87lKsIRJOmOam0T_qqq~A
Request Chain 97
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=2e442d4a-8825-11ec-9dac-e19a0e84bc3f
Request Chain 100
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=bN4y76HcspodnsQZicye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YSOGR4TONSIMNZXA33ENZZVCWTJMN4WKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YSOGR4TONSIMNZXA33ENZZVCWTJMN4WKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=bN4y76HcspodnsQZicye&us_privacy=1---
Request Chain 101
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=4a707b97-17a7-4863-b377-6cf6bad09773
Request Chain 102
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6076701345 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0710b751-6540-4829-b553-19f3ac610e33 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
Request Chain 103
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=BRk6xak6ThBg&ev=1&pid=558355
Request Chain 107
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdqE7EAmMAAHB-dHKLtQ&gdpr=0
Request Chain 108
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f8c3d737-f922-4081-87e5-6acd8e1b8c7a&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2df4b741-9ab0-4f7f-8881-dbad0b8058a7&gdpr=&gdpr_consent=
Request Chain 110
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=856ZbPadkWnoyctp9ZqEOfzNmm7olZ9soZ_eXVLq
Request Chain 113
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB&dcc=t
Request Chain 116
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgExhMOCL5RgFggK24zkFQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIcDAwdUhiKJdFOutBY4FF0&google_cver=1&gdpr=1
Request Chain 117
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646837381
Request Chain 119
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YgExhQAEcdicKABB HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgExhQAEcdicKABB&gdpr=1&_test=YgExhQAEcdicKABB
Request Chain 120
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6975317812142490646&uid=Q6975317812142490646&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 126
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=0dc06201-3184-4f00-b108-4b76753dd148&gdpr=0&gdpr_consent=
Request Chain 127
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YgExhQAEcfWcIwBB
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=&google_tc=
Request Chain 131
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=0710b751-6540-4829-b553-19f3ac610e33&t=1646837380
Request Chain 132
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 134
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YgExhcCo8YUAAC8YSIkAAAAA
Request Chain 135
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=e8iKZ22KyF5NlGP0S2Rc&pi=gumgum&tc=1
Request Chain 153
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 183
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGdqE7EAmMAAHB-dHKLtQ&expiration=1645454981&gdpr=1
Request Chain 184
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4082362253880754577
Request Chain 187
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca330865-f6ac-480f-947c-2fa3473e87fc

227 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
justthenews.com/world/asia/ 		78 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b62cb4364fecceac51226e42b82a437dcb1939e5b030dd7ff27802f64ef7eafd
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900, public
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
etag
W/"1644245071"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Mon, 07 Feb 2022 14:44:31 GMT
link
<https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america>; rel="canonical" <https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america>; rel="revision"
server
nginx
strict-transport-security
max-age=31622400
traceparent
00-dc41ba1f63e945988a92e2cc340373f4-2130e50c901f2ed2-00
x-cloud-trace-context
dc41ba1f63e945988a92e2cc340373f4/2391663244254064338;o=0
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-wlppd
x-styx-req-id
78a670f8-8824-11ec-bb5c-7ace565001a3
x-ua-compatible
IE=edge
date
Mon, 07 Feb 2022 14:49:39 GMT
x-served-by
cache-mdw17333-MDW, cache-mxp6971-MXP
x-cache
HIT, MISS
x-cache-hits
1, 0
x-timer
S1644245380.824980,VS0,VE119
vary
Accept-Encoding, Cookie, Cookie, Cookie
age
303
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
content-length
24405
AvenirNextLTPro-Cn.woff2
justthenews.com/themes/custom/jtn/fonts/avenirnext/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/themes/custom/jtn/fonts/avenirnext/AvenirNextLTPro-Cn.woff2
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f8ef77b9c7c01d65e053ff64f9aa00fbd5faa19b1e13d1a195a1230a72c5ec9
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"61f2c43e-5928"
age
830825
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-rtr7j
x-cache
HIT, HIT
x-cloud-trace-context
61d86f16d1d94c4bbc7fddc631b51a1f/2215397481243008124;o=0
content-length
22824
x-served-by
cache-mdw17328-MDW, cache-mxp6971-MXP
last-modified
Thu, 27 Jan 2022 16:11:42 GMT
server
nginx
traceparent
00-61d86f16d1d94c4bbc7fddc631b51a1f-1ebeac4581c8dc7c-00
x-timer
S1644245380.980114,VS0,VE2
date
Mon, 07 Feb 2022 14:49:39 GMT
content-type
font/woff2
access-control-allow-origin
*
expires
Sat, 28 Jan 2023 16:13:41 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
180633b1-7f8c-11ec-9dcb-da8eaa1a70db
x-cache-hits
1, 1
AvenirNextLTPro-DemiCn.woff2
justthenews.com/themes/custom/jtn/fonts/avenirnext/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/themes/custom/jtn/fonts/avenirnext/AvenirNextLTPro-DemiCn.woff2
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a7fa05e87ccf58cfb7cd25e642144c196f16b989b574d304332bab025bb48b7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"61f2c440-5998"
age
830823
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-wlppd
x-cache
HIT, HIT
x-cloud-trace-context
a3df0e1a180849ec9287ab07d5d4de12/17729563512208528819;o=0
content-length
22936
x-served-by
cache-mdw17364-MDW, cache-mxp6971-MXP
last-modified
Thu, 27 Jan 2022 16:11:44 GMT
server
nginx
traceparent
00-a3df0e1a180849ec9287ab07d5d4de12-f60c10143fea95b3-00
x-timer
S1644245380.980297,VS0,VE1
date
Mon, 07 Feb 2022 14:49:39 GMT
content-type
font/woff2
access-control-allow-origin
*
expires
Mon, 30 Jan 2023 00:02:37 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
c4e32388-8096-11ec-bb5c-7ace565001a3
x-cache-hits
1, 1
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 02:05:02 GMT
server
AmazonS3
age
2706
etag
W/"128d707f6a1d93162de889b18d32e792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Mon, 07 Feb 2022 14:04:35 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
OjSScqCNvLX8mZTYAl7yJ03BKJVGeSbCHWdQLIx8sKE6-MqKQmezLw==
ccpa.js
ccpa.sp-prod.net/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.sp-prod.net/ccpa.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc0fbadd0003a518363a079597843305fcab3a583fc69bb67f352c98e57b68a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:31:14 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 19:16:01 GMT
server
AmazonS3
age
1107
etag
W/"7e503d9d7f98c42383dd12185af4fa97"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
HNgGn_2uzcjkyaUVKi2z0b60ForSMORA2vJoIwDiLM3EKLUXz-RLIw==
css_oKbul3uvS-gmWBfok_4_hJ3v1hUpjWJseqNb_ZP3bLY.css
justthenews.com/sites/default/files/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/sites/default/files/css/css_oKbul3uvS-gmWBfok_4_hJ3v1hUpjWJseqNb_ZP3bLY.css
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0a6ee977baf4be8265817e893fe3f849defd615298d626c7aa35bfd93f76cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61e5f1b8-2498"
age
830826
x-pantheon-styx-hostname
styx-fe3-a-58f8d96898-jvnbt
x-cache
HIT, HIT
x-cloud-trace-context
0859f668f3ac493dbf88ea0cf67a837f/7186620978291465722;o=0
content-length
2634
x-served-by
cache-mdw17374-MDW, cache-mxp6971-MXP
last-modified
Mon, 17 Jan 2022 22:46:16 GMT
server
nginx
traceparent
00-0859f668f3ac493dbf88ea0cf67a837f-63bc01b4126eddfa-00
x-timer
S1644245380.981335,VS0,VE2
date
Mon, 07 Feb 2022 14:49:39 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Wed, 18 Jan 2023 22:46:19 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
494c89d1-77e7-11ec-b60a-923608c800f4
x-cache-hits
1, 1
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
417861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10391
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgFL7tXak19AsARTmv%2B7V%2FR4qS8HBjxPaLk01cRY%2BM8qRnrsviu31wkLlHK18LH8ZG%2BzJWrDhgWqTAr5nk%2BeeEo7%2Fk6c4kBLpASsb3kr9bXyPTWUnc4qOyaFC7M2lGc0YELkEsH8iVgDIGAnrtRZRqFo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d9d6d192a3b3746-MXP
expires
Sat, 28 Jan 2023 14:49:40 GMT
css_fGK6fjh9hoMw1vNt2civyL1nd3nckXyqKky94gQZoOg.css
justthenews.com/sites/default/files/css/ 		169 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/sites/default/files/css/css_fGK6fjh9hoMw1vNt2civyL1nd3nckXyqKky94gQZoOg.css
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c62ba7e387d868330d6f36dd9c8afc8bd677779dc917caa2a4cbde20419a0e8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61f2c4ab-2a37d"
age
830825
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-xpgjl
x-cache
HIT, HIT
x-cloud-trace-context
cf69a2cade034c2993a46b9d3bbfe441/8710182831617011833;o=0
content-length
28072
x-served-by
cache-mdw17323-MDW, cache-mxp6971-MXP
last-modified
Thu, 27 Jan 2022 16:13:31 GMT
server
nginx
traceparent
00-cf69a2cade034c2993a46b9d3bbfe441-78e0c923073cf079-00
x-timer
S1644245380.981479,VS0,VE1
date
Mon, 07 Feb 2022 14:49:39 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
expires
Sat, 28 Jan 2023 16:13:32 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
127f7492-7f8c-11ec-b46f-4e8bb7a7d8f6
x-cache-hits
1, 1
main.css
01.cdn.mediatradecraft.com/just-the-news/ 		2 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://01.cdn.mediatradecraft.com/just-the-news/main.css
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:2600:0:bed9:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2588cd8f2cb9219821b0221c97f954e299b9dbfdc4e6cd1039d54240733b9192

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Mov6v8NsbSvTkQNTyWwOgjym1kmelI1J
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 19:12:13 GMT
server
AmazonS3
age
16665
etag
W/"7c2b0af8be91c7b9f2b004cad50e584b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
cache-control
max-age=172800
date
Mon, 07 Feb 2022 10:12:21 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
I6ydzfA2OdSMfkbOPNoR4UuhhhOMEOATiCx2wJZRaMUcF5jz2kYv_w==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2027177744943203
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c106d4fd248a7f3adbabda82caa0329ae5761cea17d90b8501745e0369e178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://justthenews.com/
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53618
x-xss-protection
0
server
cafe
etag
11039402549493605866
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 14:49:40 GMT
a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
player.ex.co/player/ 		753 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60e5ea2c2766b7b575258e3fcff44679285dd3467f199a0fc315d9182aac3dd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
age
9931
x-cache
MISS, HIT
access-control-max-age
600
content-length
223898
x-served-by
cache-iad-kcgs7200061-IAD, cache-hhn4073-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1644245380.015343,VS0,VE1
etag
W/"bc205-hxmwWKYmyCvJn1CvAZPlUHsLsyw"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
main.js
01.cdn.mediatradecraft.com/just-the-news/ 		174 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://01.cdn.mediatradecraft.com/just-the-news/main.js?article
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:2600:0:bed9:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37d608999440e6d337098883ba786027ed5a8cd27a4182997a4441853606941f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8JkO617N4Cy1RG6DK.4ejjDZjED3dENn
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 19:12:13 GMT
server
AmazonS3
age
14461
etag
W/"0b1fb4934738004971251ce5746d2706"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
cache-control
max-age=172800
date
Mon, 07 Feb 2022 10:50:14 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
bHe5QfjtUvhb5tzIyOI89MYQaEjUHqgoz_ujBPuaDjfi_7lsNHzl7w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
70385f98221f89859dbfe0cc01afa83c0391fcfb7abd14d78bef1027155d7b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27248
x-xss-protection
0
server
sffe
etag
"1124 / 363 of 1000 / last-modified: 1644235574"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Feb 2022 14:49:40 GMT
js_GGZfDjqn7QfC4LbrRm5FZSs9kN2Iu4nmjoi84wJPKx4.js
justthenews.com/sites/default/files/js/ 		692 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/sites/default/files/js/js_GGZfDjqn7QfC4LbrRm5FZSs9kN2Iu4nmjoi84wJPKx4.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
18665f0e3aa7ed07c2e0b6eb466e45652b3d90dd88bb89e68e88bce3024f2b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61f03d24-2b4"
age
830825
x-pantheon-styx-hostname
styx-fe3-a-844776b484-62cbk
x-cache
HIT, HIT
x-cloud-trace-context
b5ea840d88f94532bb28bf69901ee179/6209468234029790117;o=0
content-length
298
x-served-by
cache-mdw17320-MDW, cache-mxp6971-MXP
last-modified
Tue, 25 Jan 2022 18:10:44 GMT
server
nginx
traceparent
00-b5ea840d88f94532bb28bf69901ee179-562c7675ad6af3a5-00
x-timer
S1644245380.981668,VS0,VE1
date
Mon, 07 Feb 2022 14:49:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Thu, 26 Jan 2023 18:10:46 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
1e1b1920-7e0a-11ec-9d4a-a2cf7902b930
x-cache-hits
2, 1
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
64
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0XRZWGTB8PYEECMRJZ8F
date
Mon, 07 Feb 2022 14:48:36 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Nbk4caz4N7QjE4yIuctU53qhID6MfdKRO373-oRjIaoGthe_Bj_Scg==
logo.svg
justthenews.com/themes/custom/jtn/ 		22 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/themes/custom/jtn/logo.svg
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd5d08d59e73754e87baf8ca95ac95fce4d5f07dfd8482de957bf202b975b85
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61f2c43e-590c"
age
830824
x-pantheon-styx-hostname
styx-fe3-b-7766ff95df-h9b8f
x-cache
HIT, HIT
x-cloud-trace-context
d61b09fe764f4fd78d7b0d69ef83a9a7/17721188410362818014;o=0
content-length
10203
x-served-by
cache-mdw17333-MDW, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Thu, 27 Jan 2022 16:11:42 GMT
server
nginx
traceparent
00-d61b09fe764f4fd78d7b0d69ef83a9a7-f5ee4ef7e571edde-00
x-timer
S1644245380.180818,VS0,VE1
date
Mon, 07 Feb 2022 14:49:40 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish, 1.1 varnish
expires
Sat, 28 Jan 2023 16:13:39 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
1678ed38-7f8c-11ec-a554-eeb185e110ef
x-cache-hits
2, 1
js_pxYR9OIdevMP5PMmVpSmlGtJ9XrhIGyc5-yRJuRVvQQ.js
justthenews.com/sites/default/files/js/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/sites/default/files/js/js_pxYR9OIdevMP5PMmVpSmlGtJ9XrhIGyc5-yRJuRVvQQ.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a71611f4e21d7af30fe4f3265694a6946b49f57ae1206c9ce7ec9126e455bd04
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61e5f1ba-18cfb"
age
830825
x-pantheon-styx-hostname
styx-fe3-b-775bf576fd-6scrz
x-cache
HIT, HIT
x-cloud-trace-context
ed67d0e1f9de4e0faab29c789fad82ed/9582348222169787077;o=0
content-length
39990
x-served-by
cache-mdw17348-MDW, cache-mxp6971-MXP
last-modified
Mon, 17 Jan 2022 22:46:18 GMT
server
nginx
traceparent
00-ed67d0e1f9de4e0faab29c789fad82ed-84fb56f04886aac5-00
x-timer
S1644245380.113793,VS0,VE1
date
Mon, 07 Feb 2022 14:49:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Wed, 18 Jan 2023 22:46:18 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
48d2ba8d-77e7-11ec-8538-96b27eb0aa6f
x-cache-hits
1, 1
/
js.stripe.com/v3/ 		276 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1bbd7775b4648a4c247825d3f5520d8d58f7447815688fda7bc42a78ab5b7c24
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
45
x-cache
Hit from cloudfront
date
Mon, 07 Feb 2022 14:48:55 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
last-modified
Fri, 04 Feb 2022 22:48:29 GMT
server
Cloudfront
etag
W/"41c472a5d36507b361c3eeb20f9fb7f0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P5
timing-allow-origin
*
x-amz-cf-id
pSU81D-bVnBDhNLURxQ0dfTVhCSRimNOnf_9Nju4X-9WCMqItytcdg==
js_UypujAb9f6muDzJcD9A5C_5Jex0Kpa-JRjC13nKsf6k.js
justthenews.com/sites/default/files/js/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/sites/default/files/js/js_UypujAb9f6muDzJcD9A5C_5Jex0Kpa-JRjC13nKsf6k.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
532a6e8c06fd7fa9ae0f325c0fd0390bfe497b1d0aa5af894630b5de72ac7fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61e5f1bb-d09b"
age
830825
x-pantheon-styx-hostname
styx-fe3-b-775bf576fd-6scrz
x-cache
HIT, HIT
x-cloud-trace-context
ba9d9d362f7140f99ff480570760ee7d/2649311340268628516;o=0
content-length
16302
x-served-by
cache-mdw17344-MDW, cache-mxp6971-MXP
last-modified
Mon, 17 Jan 2022 22:46:19 GMT
server
nginx
traceparent
00-ba9d9d362f7140f99ff480570760ee7d-24c43ea098202a24-00
x-timer
S1644245380.180454,VS0,VE1
date
Mon, 07 Feb 2022 14:49:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Wed, 18 Jan 2023 22:46:19 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
494d9a1b-77e7-11ec-8538-96b27eb0aa6f
x-cache-hits
1, 1
commentPlatform.js
01.cdn.mediatradecraft.com/just-the-news/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://01.cdn.mediatradecraft.com/just-the-news/commentPlatform.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:2600:0:bed9:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38463c8d6565b7ee354a1c1eed60b93dce41db930ab618d521f17e61dee3b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
02O9_YFa1vUWB28CPCCLG.tH3w4bcJ5n
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 18:54:04 GMT
server
AmazonS3
age
2104
etag
W/"9d842949861f5a674189e44b83b8f1eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
cache-control
max-age=7600
date
Mon, 07 Feb 2022 14:15:33 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
1vTfXGbrd4zWp1M7rl5GnrwJMH5Cmm0priTF-1d0qEFZBj11DlqHMg==
outbrain.js
widgets.outbrain.com/ 		195 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2570d4eded76dc46cf65ba2dfe2d32ec426c01e617d12772427740948b02fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 08:08:59 GMT
etag
"31-szYcU8SMZJPrrKQ2uVFavITUvrs"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
7b85109cbec6b9d20fcefcd9f5f77c04
timing-allow-origin
*, *
content-length
68884
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:40 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%228da5345b-8938-49cd-bb7d-1c4b3e91a219%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://justthenews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
content-length
2
date
Mon, 07 Feb 2022 14:49:40 GMT
x-powered-by
Express
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
mG_Kw8SbbZnSjgFfoWwdUd1CMNGmIKfXFxlmGcmT7nUPEIdtWoqx2g==
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 		520 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%228da5345b-8938-49cd-bb7d-1c4b3e91a219%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
967b53818317f72baeeabdcd4f4142cf946fc738fa7b493483dc5e494c819f15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://justthenews.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
44JDyS3Fa3qXl02ifLXVsDQ97oOQ4ZlkHCBt6d9PH3pvIOXVYL_fQA==
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
get_site_data
message.sp-prod.net/mms/ 		198 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/get_site_data?requestUUID=3ed760ee-2866-4a92-b91e-2920fa0fb54f&account_id=1247&href=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.192.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-192-100.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
0de9c60981a1f89aed3323c4650be5152f6303e5c354446cc20e40fa2ff12b47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
x-sp-mms-node
ip-10-128-33-20
server
Jetty(9.4.2.v20170220)
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://justthenews.com
cache-control
max-age=2592000
access-control-allow-credentials
true
gtm.js
www.googletagmanager.com/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KC8VTBP
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3316dd89404c16901728f6fbf9fb3cdb4a2060501542037cecbdb1cfe412dd26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53434
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Feb 2022 14:49:40 GMT
sync.html
public.servenobid.com/ Frame 77C5 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::69 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
M37oFTyp7CY+Nyzy36WXT84IOmvwWGHKskKyvlirkdXBH370MelWIVLQWQsvyHk0yvHLevgIQEo=
x-amz-request-id
4BXRZXVVDQT9JPKJ
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0UhMBYgAAAAD0+oW/wIGRTp1EmvNJyfgVQU1TMDRFREdFMTkxMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0hDEBYgAAAADImP+h2P4OSpPlk16DZf6KRlJBRURHRTEwMTgAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Mon, 07 Feb 2022 14:49:39 GMT
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b279229c2eb8024708a5f4748914bb9c7fefee3c2fad50e18a64ff118ad5a32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 14:49:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Feb 2022 14:49:40 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2838968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80148
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-13914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cSbwbF0nVy%2BXKLpiXJp1XeMjrxp3GW864w9KQ6Gawrr2mq8quJKzKz8ZrIQqv8yptpJzUXnEKMmam532i1C5MwgqkyNQzfDIyI81TeZqRm0xmbCGd6uFk2LvjtKc8x8xwjWJxAUne%2FAJ9IcLWZlXG4U"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d9d6d1a6d373749-MXP
expires
Sat, 28 Jan 2023 14:49:40 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
414566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77400
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-12e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb94fvrPDGaguMDEvFWoiWqJPcIcyo%2FrKu9HcYzM%2FuI%2B5QL9lDV1B24T7eBwS%2F1fKgiTSu%2FHm7zCR6n1pJRuOYCNwykoLVV6s0aM2X%2B8GxzKDuCb9kusuPTxlIWJIJamvi%2BNOOjz3m79UNs87qaVDrC3"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d9d6d1a6d3e3749-MXP
expires
Sat, 28 Jan 2023 14:49:40 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
415183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13600
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-3520"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPLVqEWkSWtWFehuCP6XmCm1jCCWXGjxphag%2FW8NTIUz86pzLGnzNjIvexG0qrOkBFkdrEQh%2FX3IllbEgB7ZkPVwfOgqR60arB14VB%2BaUwnUQ8z8st9%2FiMRBeZQPaj9aJb0%2FFohiKZQ9oo%2BubLHGfuj9"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d9d6d1a6d413749-MXP
expires
Sat, 28 Jan 2023 14:49:40 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 07 Feb 2022 14:54:40 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6_1643397854592.png
cdn.playbuzz.com/logos/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6_1643397854592.png
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b2b04f26edbc4e925b1fab265413e2f047d023a7caf831a82f555d7ad69aeb5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 19:24:15 GMT
server
AmazonS3
etag
"4c0326f7ee3fb123aa5019947d9a965d"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
47186
AVmanager.js
player.aniview.com/script/6.1/ Frame CD93 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:4ab::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e6829f7ef99a4e9f890ff3d02d733e89968f7d8e9151f59ac9e979e0c35bdd68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvkLmLpwrm-aQk58Uuv8sctVg84XGN09RrmanCm7lkZS-7nMfwQ1S4hjR6yT8f4OFVeTKDzgUECXxdCpAOuA_lorWRVkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99198
last-modified
Thu, 03 Feb 2022 08:53:29 GMT
server
UploadServer
etag
"4b2afbbc0f55a184e5040024bff9a702"
vary
Accept-Encoding
x-goog-hash
crc32c=2a7qzQ==, md5=Syr7vA9VoYTlBAAkv/mnAg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1643878409331375
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99198
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 07 Feb 2022 14:54:40 GMT
events
prd-collector-anon.ex.co/main/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:40 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1644245380310&cid=609aa2159b1ed0632a75e147&VERSION=4.130.0&AV_PAGE_LOAD_UID=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_CDIM4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-109-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
message_url
message.sp-prod.net/mms/v2/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/v2/message_url?requestUUID=3ed760ee-2866-4a92-b91e-2920fa0fb54f&account_id=1247&abp=false&href=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A9460%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D&t[type]=CCPA
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.192.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-192-100.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
x-sp-mms-node
ip-10-128-33-247
server
Jetty(9.4.2.v20170220)
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://justthenews.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
content-length
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://justthenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
503391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
lazysizes.min.js
justthenews.com/libraries/lazysizes/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/libraries/lazysizes/lazysizes.min.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/sites/default/files/js/js_pxYR9OIdevMP5PMmVpSmlGtJ9XrhIGyc5-yRJuRVvQQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61f3e76f-1ed1"
age
830824
x-pantheon-styx-hostname
styx-fe3-b-7766ff95df-rdj97
x-cache
HIT, HIT
x-cloud-trace-context
87347ab7d6584d0cb13d005201995a9e/9963031763047749819;o=0
content-length
3726
x-served-by
cache-mdw17340-MDW, cache-mxp6971-MXP
last-modified
Fri, 28 Jan 2022 12:54:07 GMT
server
nginx
traceparent
00-87347ab7d6584d0cb13d005201995a9e-8a43cc9a226518bb-00
x-timer
S1644245380.413123,VS0,VE1
date
Mon, 07 Feb 2022 14:49:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
expires
Mon, 30 Jan 2023 00:02:36 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
c3d44f29-8096-11ec-9342-1e243dc0e655
x-cache-hits
2, 1
breaking
justthenews.com/rest/ 		482 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justthenews.com/rest/breaking
Requested by
Host: justthenews.com
URL: https://justthenews.com/sites/default/files/js/js_pxYR9OIdevMP5PMmVpSmlGtJ9XrhIGyc5-yRJuRVvQQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb3691c3ea56f61af84a48aef815d4f7540012c14fa60ab40073dd91efd28a7
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
x-content-type-options
nosniff
age
357
x-cache
HIT, MISS
x-drupal-dynamic-cache
MISS
x-cache-hits
4, 0
content-length
319
etag
W/"1644245021"
x-ua-compatible
IE=edge
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Mon, 07 Feb 2022 14:43:41 GMT
server
nginx
traceparent
00-e5290fc62b974778bb54c32f8174d12e-16904a59ffc2655b-00
x-timer
S1644245380.423187,VS0,VE114
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 14:49:40 GMT
x-served-by
cache-mdw17341-MDW, cache-mxp6971-MXP
vary
Accept-Encoding, Cookie
content-language
en
via
1.1 varnish, 1.1 varnish
x-generator
Drupal 8 (https://www.drupal.org)
x-cloud-trace-context
e5290fc62b974778bb54c32f8174d12e/1625881215884223835;o=0
cache-control
max-age=900, public
accept-ranges
bytes
content-type
application/json
x-styx-req-id
5907d85e-8824-11ec-9aaf-e20ac895149f
x-drupal-cache
HIT
x-pantheon-styx-hostname
styx-fe3-b-7766ff95df-tcdnf
m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
js.stripe.com/v3/ Frame CE0D 		240 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Thu, 27 Jan 2022 19:43:21 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Mon, 07 Feb 2022 14:35:21 GMT
cache-control
max-age=31536000
etag
"08a1fefa46cfc8cc94fc477ddcdb0555"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
14-DoVy5fNUrBAxB3WtVsU5Le7eeZY6A7hxxfGIloFVDnvuxEbLo_w==
age
859
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 22:14:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
59739
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
ZrNzlceA8W_UqAGwRweJobi43sZoc3PJk6zzbPuzS5fVv2i5tYgsDA==
display-dns
ccpa-service.sp-prod.net/ccpa/consent/9460/ 		652 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/9460/display-dns?requestUUID=3ed760ee-2866-4a92-b91e-2920fa0fb54f
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.0.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-0-153.compute-1.amazonaws.com
Software
/
Resource Hash
a815dc1cc922f2e0b7c4f8b46157c2c65a42aa38757cfd85169a88a4ae9be9f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://justthenews.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
652
display-dns
ccpa-service.sp-prod.net/ccpa/consent/9460/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/9460/display-dns?requestUUID=3ed760ee-2866-4a92-b91e-2920fa0fb54f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.0.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-0-153.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://justthenews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-type
text/html; charset=utf-8
content-length
4
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache
strict-transport-security
max-age=15552000; includeSubDomains
allow
POST
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 		286 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2027177744943203&plah=justthenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2027177744943203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105569
x-xss-protection
0
server
cafe
etag
737233414951617841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 14:49:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame 64DA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2027177744943203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Sun, 06 Feb 2022 16:33:14 GMT
expires
Sun, 20 Feb 2022 16:33:14 GMT
cache-control
public, max-age=1209600
age
80186
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022020101.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121756
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:38:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Feb 2023 14:41:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		214 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=justthenews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
eb49b1f5aa2e72fd6975b4a0e65ffce513c6da8cfdaf94566a2751a1b8ff3ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
x-xss-protection
0
expires
Mon, 07 Feb 2022 14:49:40 GMT
anVzdHRoZW5ld3MuY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/anVzdHRoZW5ld3MuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.58.216.21 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-216-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:40 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=19782
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
ac00d783078868b44ce7b33b5d40f8d4
Content-Length
15
Expires
Mon, 07 Feb 2022 20:19:22 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.657264758211895
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 09 Mar 2022 14:49:40 GMT
21666.js
micro.rubiconproject.com/prebid/dynamic/ 		433 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/21666.js
Requested by
Host: 01.cdn.mediatradecraft.com
URL: https://01.cdn.mediatradecraft.com/just-the-news/main.js?article
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
968c7a08c066b33c989569fb817d4f6ababcf720f546f4e1c35ff14fc40981d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 12:06:02 GMT
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
edge-cache-tag
prod-prebid-21666_JustTheNews_Desktop.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=0
content-length
129605
x-trp-pba
{"ruleId":"23","rulePos":0,"ruleName":"JTN - Desktop","wrapperName":"21666_JustTheNews_Desktop","isPrimary":true,"randomProb":3,"account":21666,"device":"desktop","country":"DE","host":"justthenews.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://justthenews.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36","query":"","ranAt":"2022-02-07T14:49:40.556Z","runId":"1644245380556-3853","wrapperPath":"/prebid/21666_JustTheNews_Desktop.js","redirectUrl":"/prebid/get-wrapper/JTN%20-%20Desktop/21666_JustTheNews_Desktop.js"}
expires
Mon, 07 Feb 2022 18:02:06 GMT
529.44d6f98e802e1b2cdb38.js
01.cdn.mediatradecraft.com/just-the-news/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://01.cdn.mediatradecraft.com/just-the-news/529.44d6f98e802e1b2cdb38.js
Requested by
Host: 01.cdn.mediatradecraft.com
URL: https://01.cdn.mediatradecraft.com/just-the-news/main.js?article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:2600:0:bed9:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44999230a85ab93722edda59415c5bf08d35691437ec91921438b1284ae098a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
3Wej4DqwnHsS1VmA3zaouU3rZDmveSgt
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 19:12:12 GMT
server
AmazonS3
age
17770
etag
W/"eaf29e4aed604729848fbe969adfe088"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
cache-control
max-age=172800
date
Mon, 07 Feb 2022 09:53:31 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
PehGbAQuAaBYxw0Blz0a8_Lkev8ONQ809qc0XTL2tuSslnJpIMUaqw==
csp-report
q.stripe.com/ Frame CE0D 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC8VTBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2688
date
Mon, 07 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Feb 2022 16:04:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC8VTBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
CVqon3ZA5BWdqRwsIgGr0X15DMPUN80XHXqMjGnGVMbiP7IMo+E8pRnleffk3HWlfXd0+gZIhaSjurF9MoKzMw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 07 Feb 2022 14:49:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 8435 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
82ebd542079ea66fbee420bfe0925495c3b7c26bab362d1e462660ac2998f16c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0b2b07dd24625088f53cf593f296d9f53"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame A618 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 07 Feb 2022 14:49:40 GMT
/
onetag-sys.com/usync/ Frame 2567 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2915 		579 B
829 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c971b037378f66f07e4a7a3ee3356c7f9e177f0550dd1b6c72cbed742a9061f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 07 Feb 2022 14:49:39 GMT
content-type
text/html
content-length
579
usermatch
ssum-sec.casalemedia.com/ Frame 261C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d6ccc8868e042e68108da4db0da8bb4f80136bdc1e6002013a4514d89228036

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|64|191|88|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 14:49:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
Content-Length
1752
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 07 Feb 2022 14:49:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame 77C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=4820658710785878206
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4820658710785878206
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3f9b3444-edc2-44af-8ff8-018e0f27a9dd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=4820658710785878206
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 77C5
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=4d62000023bb361b3151333a
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=4d62000023bb361b3151333a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=4d62000023bb361b3151333a
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 77C5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1644245380614
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5443624994
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5443624994
  • https://sync.1rx.io/usersync/tradedesk/0710b751-6540-4829-b553-19f3ac610e33
  • https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX48ba9e8218fd4013aa14557ab1ef151b003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 77C5 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.177.241.193 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-177-241-193.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 77C5
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210819713131212
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210819713131212
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210819713131212
Date
Mon, 07 Feb 2022 14:49:40 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 77C5 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 77C5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=b31ab47e-3c22-4d2b-bdc1-b51f333e2421&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=b31ab47e-3c22-4d2b-bdc1-b51f333e2421&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=b31ab47e-3c22-4d2b-bdc1-b51f333e2421&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 07 Feb 2022 14:49:39 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 77C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-oJjabOtE2uEiyjHqJt25A3Ks47lwKtZO3Ii5yvE-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-oJjabOtE2uEiyjHqJt25A3Ks47lwKtZO3Ii5yvE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&usp_consent=${US_PRIVACY}&redirect=https%3A%2F%2FSSP_DOMAIN.COM%3Fuid%3D%24UID
Protocol
H2
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-oJjabOtE2uEiyjHqJt25A3Ks47lwKtZO3Ii5yvE-~A
date
Mon, 07 Feb 2022 14:49:40 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m-outer-ebb7106827d6c64e55a93b6fe1303341.js
js.stripe.com/v3/fingerprinted/js/ Frame CE0D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-111.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7
x-cache
Hit from cloudfront
date
Mon, 07 Feb 2022 14:49:33 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jan 2022 19:43:06 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P5
timing-allow-origin
*
x-amz-cf-id
GkDzE5x1-Uk1lKTGXqjTwVCAdCDCZsDB4bAcmVwmiCVIIvLRI-Cgsw==
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=justthenews.com&sn=&cd4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&cd5=default&ic=0&tgt=0&app=&wi=945&he=532&test=&d36=6.1.3&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=609aa2159b1ed0632a75e147&stagid=&stplid=&e=inventory&vi=95&cb=1644245380641
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-109-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
index.html
cdn.privacy-mgmt.com/ Frame 2C20 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

content-type
text/html
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 07 Feb 2022 13:50:46 GMT
etag
W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
0wUcw1HywGgwxY8Cp234Mbi2zH1GZeVKs2hbUbZHVVjITcSDWVWQlw==
age
3535
placement_invocation
ob.cheqzone.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-42.fra56.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 10:59:24 GMT
content-encoding
gzip
server
Caddy
age
13816
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA56-P4
content-length
18458
x-amz-cf-id
MZFZwkKuT5Cl3DMLOCNYYYm4I2iaNTtDwovpXkBlnTBkuqTMRf8MbQ==
expires
Mon, 07 Feb 2022 22:59:24 GMT
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: 01.cdn.mediatradecraft.com
URL: https://01.cdn.mediatradecraft.com/just-the-news/main.js?article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
br
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
9617
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Mon, 07 Feb 2022 12:09:24 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/x-javascript
x-amz-cf-id
HSHg-y-1LbBNk69yAqWyij0IPG-pCxWD73TkvDN1nYhJWekChkxn-A==
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
511ab271ab7ef9130a9fe0d1d53613969f3cc9f9f313d59a0555671a81481ffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:40 GMT
Cache-Tag
173455578036285356254544881974673795778,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Status
200 OK
Connection
keep-alive
Content-Length
1127
X-Request-Id
52db4d6efd700ad9ae3fb2996d1c703d
X-Served-By
cache-dca17767-DCA
Last-Modified
Fri, 04 Feb 2022 20:52:02 GMT
Server
cloudinary
X-Timer
S1644007921.644226,VS0,VE1414
ETag
"96aea67d49a08e67e06f4a6a97e79c21"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320159
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
+icDtM5xt81tpMAwdTLGhecAT41VrcUphSTBzW+eL9qEsUcFe3KgIbmEBXoVckC+UKHZYcpLDsGIql/eMftiqQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 14:49:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
217456166125993
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/217456166125993?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
857c53f37d6582d658e62e83aebe4dee7fd21471f3371968e497eff161c0040e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
66WgnSU6t2hWgVmQXn7RLD1tfSUOfg+PpAN+WiiDgxzpm20OzikVvsbAIkQ2WiMrE14Me96I3xJNRrT9KAoaBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 14:49:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
inner.html
m.stripe.network/ Frame 6065 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
date
Mon, 07 Feb 2022 14:48:57 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
QRlUbtp-7J3CHkhr-9WUxvCufF8nB3GbUc6mQ4ZRhQ18D_jhE-ANEg==
age
44
/
premiumsrv.aniview.com/api/adserver/tag/ 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.130.0&AV_PAGE_LOAD_UID=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_CDIM4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=609aa2159b1ed0632a75e147&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=justthenews.com&AV_DADPOS=1&d36=6.1.3&responsive=1&sver=1&avtoken=380640&AV_WIDTH=945&AV_HEIGHT=532&AV_DNT=0&cb=1644245380695
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.96.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-96-140.compute-1.amazonaws.com
Software
/
Resource Hash
ce1203ea708fb6979d9006f0149bfde6c89f08863e8e0b0a225c02bf717146ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://justthenews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 27 Jan 2022 01:03:01 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fjustthenews.com&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
106a9cf1e802e4b4eb79670ac273e521ad3d3df4188772729a308d36573bc6ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:40:00 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
age
11379
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://justthenews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-length
1590
x-amz-cf-id
AUtCiNNjRQO10zBeV9tO68YXjCMx3ZekJIzsXO_vjqr59csGfyvEFQ==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=823419740&t=pageview&_s=1&dl=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&ul=en-us&de=UTF-8&dt=Biden%20family%20received%20%2431%20million%20from%20businessmen%20tied%20to%20Chinese%20intelligence%2C%20book%20reveals%2C%20%7C%20Just%20The%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=232007242&gjid=390387287&cid=209220356.1644245381&tid=UA-156171718-1&_gid=320934947.1644245381&_r=1&gtm=2wg220KC8VTBP&cd2=Natalia%20Mittelstadt&z=1031102055
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://justthenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 6065 		0
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&pid=a1HGFW0GTsa65&cb=0&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22topFlex%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2C21924249896%2FJustTheNews_Desktop%2FJustTheNews_Top_970xFlex%22%7D%5D&schain=1.0%2C1!mediatradecraft.com%2C111115%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=1&gdprc=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
2C22MPDPHSTV3R59R4GG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
F6YBobekVPZGTW1c6hOPEkP1L29FdrtSp0MBr5nKrhOxfex0erfp9g==
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1644007300/ 		774 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c9ac88b6f5aa138441daeeb2d381a76f3b56723b7aaeb3ebbc8b628e84117fde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:40 GMT
Cache-Tag
173455578036285356254544881974673795778,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
774
X-Served-By
cache-dca17767-DCA
Last-Modified
Fri, 04 Feb 2022 20:41:54 GMT
Server
cloudinary
X-Timer
S1644007922.342092,VS0,VE51
ETag
"26ad41ef79c90901618bc304a5a6db99"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320232
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-156171718-1&cid=209220356.1644245381&jid=232007242&gjid=390387287&_gid=320934947.1644245381&_u=YEBAAEAAAAAAAC~&z=1992614360
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 14:49:40 GMT
content-type
text/plain
access-control-allow-origin
https://justthenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4820658710785878206
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4820658710785878206
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:40 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7a887f37-c3da-4daf-9bc9-ea96284c53ef
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4820658710785878206
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f8c3d737-f922-4081-87e5-6acd8e1b8c7a&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=2df4b741-9ab0-4f7f-8881-dbad0b8058a7
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=2df4b741-9ab0-4f7f-8881-dbad0b8058a7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=2df4b741-9ab0-4f7f-8881-dbad0b8058a7
Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 8435
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Dm14RZeZKsUDEDslaiooS64IP9dUYr9EaxoZqp8ca_h92aFhPnN_cs44-o-Mf_w1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_779e695b-d39f-40f6-80d7-3daae10fc387&obuid=ENC(Dm14RZeZKsUDEDslaiooS64IP9dUYr9EaxoZqp8ca_h92aFhPnN_cs44-o-Mf_w1)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=$D
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:42 GMT
Cache-Control
no-cache
X-TraceId
15efdfc7e0d588c647ba287f405b22bd
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=97104fd0-1a9a-482b-b803-e4d0e0940387
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=97104fd0-1a9a-482b-b803-e4d0e0940387
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=97104fd0-1a9a-482b-b803-e4d0e0940387
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-f48fa236-a52d-4553-631d-b1943de0ce89$ip$217.64.151.5
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-f48fa236-a52d-4553-631d-b1943de0ce89$ip$217.64.151.5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-f48fa236-a52d-4553-631d-b1943de0ce89$ip$217.64.151.5
Date
Mon, 07 Feb 2022 14:49:41 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-NOFexzhE2pdIS5iTZ87lKsIRJOmOam0T_qqq~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-NOFexzhE2pdIS5iTZ87lKsIRJOmOam0T_qqq~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 07 Feb 2022 14:49:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-NOFexzhE2pdIS5iTZ87lKsIRJOmOam0T_qqq~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=2e442d4a-8825-11ec-9dac-e19a0e84bc3f
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=2e442d4a-8825-11ec-9dac-e19a0e84bc3f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=2e442d4a-8825-11ec-9dac-e19a0e84bc3f
Date
Mon, 07 Feb 2022 14:49:40 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
2e442d4b-8825-11ec-9dac-e19a0e84bc3f
services
sync.technoratimedia.com/ Frame 8435 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
294624864
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 8435 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_779e695b-d39f-40f6-80d7-3daae10fc387&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=bN4y76HcspodnsQZicye&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YSOGR4TONSIMNZXA33ENZZVCWTJMN4WKJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=bN4y76HcspodnsQZicye&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=bN4y76HcspodnsQZicye&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=bN4y76HcspodnsQZicye&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=4a707b97-17a7-4863-b377-6cf6bad09773
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=4a707b97-17a7-4863-b377-6cf6bad09773
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=4a707b97-17a7-4863-b377-6cf6bad09773
date
Mon, 07 Feb 2022 14:49:41 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
sync.targeting.unrulymedia.com/csync/ Frame 8435
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6076701345
  • https://sync.1rx.io/usersync/tradedesk/0710b751-6540-4829-b553-19f3ac610e33
  • https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003
pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame 8435
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=BRk6xak6ThBg&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=BRk6xak6ThBg&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=BRk6xak6ThBg&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-56659f45bd-28dvt
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 8435 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-length
0
sync
ads.servenobid.com/ Frame 8435 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_779e695b-d39f-40f6-80d7-3daae10fc387
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 2915 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5936013650851756463&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 2915
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdqE7EAmMAAHB-dHKLtQ&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdqE7EAmMAAHB-dHKLtQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGdqE7EAmMAAHB-dHKLtQ&gdpr=0
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 2915
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f8c3d737-f922-4081-87e5-6acd8e1b8c7a&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2df4b741-9ab0-4f7f-8881-dbad0b8058a7&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2df4b741-9ab0-4f7f-8881-dbad0b8058a7&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=2df4b741-9ab0-4f7f-8881-dbad0b8058a7&gdpr=&gdpr_consent=
Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 2915 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
5WRIR5fmtNov9UaPQH5uzYMTf_jLwupIiFT_161a8jLEebOQKH2nmQ==
x-cache
FunctionGeneratedResponse from cloudfront
/
rtb-csync.smartadserver.com/redir/ Frame 2915
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=856ZbPadkWnoyctp9ZqEOfzNmm7olZ9soZ_eXVLq
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=856ZbPadkWnoyctp9ZqEOfzNmm7olZ9soZ_eXVLq
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=856ZbPadkWnoyctp9ZqEOfzNmm7olZ9soZ_eXVLq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 07 Feb 2022 15:04:40 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 07 Feb 2022 14:16:34 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
1053032897
dcm
s.amazon-adsystem.com/ Frame 261C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H1GQQ2JRSFDMZKJCGJ2A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z413W9QB5Z8ER65G52M0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgExhMOCL5RgFggK24zkFQAABMQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 261C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 261C 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgExhMOCL5RgFggK24zkFQAABMQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 261C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgExhMOCL5RgFggK24zkFQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIcDAwdUhiKJdFOutBY4FF0&google_cver=1&gdpr=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIcDAwdUhiKJdFOutBY4FF0&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIcDAwdUhiKJdFOutBY4FF0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 261C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646837381
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646837381
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646837381
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
index
dmp.brand-display.com/cm/api/ Frame 261C 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.135.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-135-153.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
last-modified
Mon, 07 Feb 2022 14:49:41 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 07 Feb 2022 14:49:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 261C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YgExhQAEcdicKABB
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgExhQAEcdicKABB&gdpr=1&_test=YgExhQAEcdicKABB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgExhQAEcdicKABB&gdpr=1&_test=YgExhQAEcdicKABB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644245381.207907,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgExhQAEcdicKABB&gdpr=1&_test=YgExhQAEcdicKABB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
noop
px.owneriq.net/ Frame 261C
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6975317812142490646&uid=Q6975317812142490646&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 261C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YgExhMOCL5RgFggK24zkFQAABMQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.2.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-2-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
Notice.03819.css
cdn.privacy-mgmt.com/ Frame 2C20 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.03819.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:33 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
2108
etag
W/"894f01a34ee58f1147257366e6a6bde7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
D5jW1PXzPFHXaiuHRQdHlP9QubpfwkXgGoVTO8rto_bFdph6eWf2xw==
polyfills.d36c5.js
cdn.privacy-mgmt.com/ Frame 2C20 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:33:41 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
960
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
PZWSWfkkEt_8Zhyk9UNZfj4DFPTYB7dAsWVeBDCbK3hSNM1_bB5wDg==
Notice.70828.js
cdn.privacy-mgmt.com/ Frame 2C20 		209 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/Notice.70828.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=576251&consentUUID=a963c492-0c31-468d-b733-d86cd4611a79&requestUUID=8da5345b-8938-49cd-bb7d-1c4b3e91a219&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 13:50:49 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
3532
etag
W/"3f789fabb7890dc26d3914692795ffb3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
1vNvkgrIYL9Kso11CI6Ek1qmjRclSm29i8g5-H9buTF7WfHE-qQFiA==
show_pla
obs.cheqzone.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=54707767086117820180187535107182732667268918825978821825099264117555&nc=0&tsf=0&tsfmi=&pv=0&cb=1644245380925&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=509528714&at=&bid=e30%3D&di=W1siZWYiLDI1NzJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiNyxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcIk5SRVVNXCIsXCJuZXdyZWxpY1wiLFwiX19ucl9y%0D%0AZXF1aXJlXCIsXCJkYXRhTGF5ZXJcIixcImNvbVwiLFwiU1RSRUFNX0NPTkZJR1NcIixcIlNUUkVB%0D%0ATV9JRFwiLFwiX19FWENPX0lOVEVHUkFUSU9OX1RZUEVcIixcIl9hdmNwXCIsXCJyZWdlbmVyYXRv%0D%0AclJ1bnRpbWVcIixcIl9fRVhDT1wiLFwicGJQYWdlSWRlbnRpZmllclwiLFwiZ29vZ2xldGFnXCIs%0D%0AXCJfX3RjZmFwaVwiLFwiX191c3BhcGlcIixcIl9zcF9cIixcIl9zcF9jY3BhXCIsXCJfX2NvcmUt%0D%0AanNfc2hhcmVkX19cIixcImNvcmVcIixcIiRcIixcImpRdWVyeVwiLFwiZHJ1cGFsU2V0dGluZ3Nc%0D%0AIixcIkRydXBhbFwiLFwiX193ZWJwYWNrU3RyaXBlSlN2M0pzb25wXCIsXCJTdHJpcGVcIixcIkNv%0D%0Ab2tpZXNcIixcImxhenlTaXplc0NvbmZpZ1wiLFwiYXBzdGFnTE9BREVEXCIsXCJhcHN0YWdcIixc%0D%0AImdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWVcIixcImdvb2dsZV9zcnRcIixcImdvb2dsZV9sb2dn%0D%0AaW5nX3F1ZXVlXCIsXCJ0bW9kXCIsXCJnb29nbGVfYWRfbW9kaWZpY2F0aW9uc1wiLFwiZ2dlYWNc%0D%0AIixcImdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ1wiLFwiZ29vZ2xlX3JlYWN0aXZlX2Fkc19nbG9i%0D%0AYWxfc3RhdGVcIixcImFkc2J5Z29vZ2xlXCIsXCJfZ2ZwX2FfXCIsXCJnb29nbGVfc2FfcXVldWVc%0D%0AIixcImdvb2dsZV9wcm9jZXNzX3Nsb3RzXCIsXCJnb29nbGVfcGVyc2lzdGVudF9zdGF0ZV9hc3lu%0D%0AY1wiLFwiZ29vZ2xlX3NwZmRcIixcImdvb2dsZV91bmlxdWVfaWRcIixcImdvb2dsZV9zdl9tYXBc%0D%0AIixcImdvb2dsZV90YWdfbWFuYWdlclwiLFwiT0JSXCIsXCJPQl9yZWxlYXNlVmVyXCJdLFwiblwi%0D%0AOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTEx%0D%0ALCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRl%0D%0Ac2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCJdfSJd%0D%0ALFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDAzNTA4NzcxOTI5ODI0NTYx%0D%0ANX0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5%0D%0ALCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIw%0D%0AMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIyMDkyMjAzNTYuMTY0NDI0%0D%0ANTM4MSJdLFstMjEsInVPazE3SWgxIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxb%0D%0ALTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6Mzk2MDAwMDAsXCJ1amhzXCI6MzUx%0D%0AMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJd%0D%0ALFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAs%0D%0AMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIiXSxb%0D%0ALTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjQ0MjQ1MzgwOTE1LDBdIl0sWy0zNiwiW1wiNC8z%0D%0AXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDEsMCwwLDAs%0D%0AMTcsNDIsMTQwLDQ0OCwwLDQ4Myw0ODMsMTE1OCwxMTU4Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiww%0D%0ALFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxz%0D%0AZSxudWxsLDBdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMs%0D%0AIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxb%0D%0ALTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCww%0D%0AIl0sWy00OSwiLSJdLFsiYm5jaCIsNjRdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A408%2C%22y%22%3A4705%2C%22w%22%3A701%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=1cOlfwyU2j&sdd=%7B%7D&pto=1168
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4e3910eeaa9318d1b5498b21ecd55429497fb2d128106145f496884f8b48144b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
3533
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7A3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=0dc06201-3184-4f00-b108-4b76753dd148&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=0dc06201-3184-4f00-b108-4b76753dd148&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 07 Feb 2022 14:49:40 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=0dc06201-3184-4f00-b108-4b76753dd148&gdpr=0&gdpr_consent=
Expires
Mon, 07 Feb 2022 14:49:39 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame B429
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YgExhQAEcfWcIwBB
85 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YgExhQAEcfWcIwBB
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 varnish
age
625
x-served-by
cache-hhn4077-HHN
x-cache
HIT
x-cache-hits
9602
x-timer
S1644245381.077308,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YgExhQAEcfWcIwBB
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 varnish
x-served-by
cache-hhn4077-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644245381.979163,VS0,VE89
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4C8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 07 Feb 2022 14:49:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NzllNjk1Yi1kMzlmLTQwZjYtODBkNy0zZGFhZTEwZmMzODc=&gdpr=0&gdpr_consent=&google_tc=
date
Mon, 07 Feb 2022 14:49:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
364
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C0A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=92949
expires
Tue, 08 Feb 2022 16:38:49 GMT
date
Mon, 07 Feb 2022 14:49:40 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame E02B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 07 Feb 2022 14:49:41 GMT
usersync
rtb.gumgum.com/ Frame D8BC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=0710b751-6540-4829-b553-19f3ac610e33&t=1646837380
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=0710b751-6540-4829-b553-19f3ac610e33&t=1646837380
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=0710b751-6540-4829-b553-19f3ac610e33&t=1646837380
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame B000
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Feb 2022 14:49:40 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 07 Feb 2022 14:49:40 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 459F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 07 Feb 2022 14:49:40 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 151E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YgExhcCo8YUAAC8YSIkAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YgExhcCo8YUAAC8YSIkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 07 Feb 2022 14:49:41 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YgExhcCo8YUAAC8YSIkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
m-ad75.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":28,"gdpr":true,"ipv4":"0.0.0.0","key":"YgExhcCo8YUAAC8YSIkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad75"}
X-SO-Key
YgExhcCo8YUAAC8YSIkAAAAA
X-SO-IP
217.64.151.5
X-SO-Cluster-ID
28
X-SO-Upstream-ID
m-ad75
usersync
rtb.gumgum.com/ Frame BEC8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=e8iKZ22KyF5NlGP0S2Rc&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=e8iKZ22KyF5NlGP0S2Rc&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.130.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 07 Feb 2022 14:49:41 GMT Mon, 07 Feb 2022 14:49:41 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=e8iKZ22KyF5NlGP0S2Rc&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1644007300/ 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
cb5cfb266229580366fcdafe2d58e5aba517e6a34d58abcb075d01e8e6ea1a0f

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-66551

Response headers

Date
Mon, 07 Feb 2022 14:49:40 GMT
Cache-Tag
173455578036285356254544881974673795778,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-66551/457968
Connection
keep-alive
Content-Length
66552
X-Served-By
cache-dca17767-DCA
Last-Modified
Fri, 04 Feb 2022 20:41:53 GMT
Server
cloudinary
X-Timer
S1644007923.673416,VS0,VE32
ETag
"8098a5640a1da4ece441c30f3b4c1de7"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320143
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-156171718-1&cid=209220356.1644245381&jid=232007242&_u=YEBAAEAAAAAAAC~&z=1108844103
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-156171718-1&cid=209220356.1644245381&jid=232007242&_u=YEBAAEAAAAAAAC~&z=1108844103
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2vuvkGkLRglT19yAdVWPei8aLke2l6BXo5xid0Vy9dqcow2ZMdajfCQ
sulkycook.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2vuvkGkLRglT19yAdVWPei8aLke2l6BXo5xid0Vy9dqcow2ZMdajfCQ
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
78af591bb6b6aa18d438897344304c3050d3ea4015e971d77fd7e9af7a857d9c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"87fc5ab4e094effef3c44eb886c705a1c41bfbeb93b24d9a861a7696f5918403"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 07 Feb 2022 14:49:41 GMT
x-buildnumber
462028888
timing-allow-origin
*
tag.min.js
get.s-onetag.com/b912781d-06d4-4d57-b1f4-062ed152cfeb/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/b912781d-06d4-4d57-b1f4-062ed152cfeb/tag.min.js
Requested by
Host: 01.cdn.mediatradecraft.com
URL: https://01.cdn.mediatradecraft.com/just-the-news/main.js?article
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5423b5d24c0143d3d2d970376986d4518c464c1998b716bd4e6f30d22cd7ffbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 23:09:25 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 19:28:33 GMT
server
AmazonS3
age
56416
etag
W/"2e77d8c490210556f7ee60e8c8cb63f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
piYykufZZ6DvuDsldBvikaklUHpXJROQ
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3
content-type
text/javascript
x-amz-cf-id
CTPBQ-hbNE3Zw8M_05h9vwk9ai0_G8flKZAJyITVY9N86Jp_GEJkmA==
out-4.5.41.js
m.stripe.network/ Frame 6065 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
236
x-cache
Hit from cloudfront
date
Mon, 07 Feb 2022 14:45:45 GMT
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
x-amz-cf-id
7ACCnDVLC9SQq1qqJIU21pZxMs1yK6JT6oLbojRLcBxTM0GJH80rrw==
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 05:02:46 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront), 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
age
35215
x-amzn-requestid
6bc710e9-6cc8-4287-b97a-8efb558aaa29
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6200a7f6-113ae77b0f4d84836f54e722;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-P1
x-amz-apigw-id
NJ8ufHu2DoEFvyg=
content-length
28
x-amz-cf-id
RJyjfQjqJMPXB8NB8tmCp1qOogFsz8O3hvdHbdo1l403uN9Z7hW6pg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		28 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-26.dus51.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 05:02:46 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront), 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
age
35215
x-amzn-requestid
6bc710e9-6cc8-4287-b97a-8efb558aaa29
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6200a7f6-113ae77b0f4d84836f54e722;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-P1
x-amz-apigw-id
NJ8ufHu2DoEFvyg=
content-length
28
x-amz-cf-id
kQdOrs7OZiFtBaQdWvnKBRUkAN1pjnkua3OqvMMCKpgW8AaywPDZJQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=217456166125993&ev=PageView&dl=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&rl=&if=false&ts=1644245381006&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644245381005.822890291&it=1644245380686&coo=false&tm=1&rqm=GET
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 14:49:41 GMT
9f01b64e-e02e-4c20-81ef-afb383f3050d
https://justthenews.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://justthenews.com/9f01b64e-e02e-4c20-81ef-afb383f3050d
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&pid=a1HGFW0GTsa65&cb=1&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-mid300xFlex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21854935662%2C21924249896%2FJustTheNews_Desktop%2FJustTheNews_Mid_300xFlex%22%7D%5D&schain=1.0%2C1!mediatradecraft.com%2C111115%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=1&gdprc=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
RTJ0WG0FBMZ40Y1N4MB0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ls9V-y2OZ_mhk8EjnpJ9k9xSOWZOeYwVi6hV2nEu-Otd7wmbAYs3RQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&pid=a1HGFW0GTsa65&cb=2&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-adhesion%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2C21924249896%2FJustTheNews_Desktop%2FJustTheNews_Adhesion%22%7D%5D&schain=1.0%2C1!mediatradecraft.com%2C111115%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=1&gdprc=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
8J13M974C9W5JA9Z6GSJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
OHwD9i7mAPRUt8Ag_Y8ytkYdR8BLPI2SsenB2Hw2BwJ6xxIWc9YdJg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&pid=a1HGFW0GTsa65&cb=3&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-inContent1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21854935662%2C21924249896%2FJustTheNews_Desktop%2FJustTheNews_InContent1%22%7D%5D&schain=1.0%2C1!mediatradecraft.com%2C111115%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=1&gdprc=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
YNW6BJEBMWEFKXEQMAZF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
1VcidCiW8PCamfYDzU1FQEK1BoBQRYHmbZ3d9XePJExmTrV0QBRAEg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&pid=a1HGFW0GTsa65&cb=4&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-top300x250%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21854935662%2C21924249896%2FJustTheNews_Desktop%2FJustTheNews_Top_300x250%22%7D%5D&schain=1.0%2C1!mediatradecraft.com%2C111115%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=1&gdprc=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
EBHHT98XRJDTNP6RCRA4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
4xoiX_lvN78_7a5DSbrbi0CrbemaCCz0AkvpWJmooust0uBwKeTyjg==
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		777 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6133a2d71bc42036919fa9ae7f75621a1fe7d5c04a932554230366d5afbaa197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
777
X-Served-By
cache-bwi5040-BWI
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.580499,VS0,VE1
ETag
"695560c56d7e35c129213696aaeb6647"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320299
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E324 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=92948
expires
Tue, 08 Feb 2022 16:38:49 GMT
date
Mon, 07 Feb 2022 14:49:41 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame FB0D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32af604ef561433e035417383a50be2b0377d64457ccf7b1beae76917d79dab7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|4|188|218|152|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Content-Length
1414
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame FD89
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Feb 2022 14:49:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Mon, 07 Feb 2022 14:49:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame 196B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1644245380973-947365533244-006081-012-004056&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

Server
nginx
Date
Mon, 07 Feb 2022 14:49:41 GMT
X-MERGE
GDPR Optout true
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame CD93 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:4ab::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8735488fb8664ebbdb4498dbbb9f08794dcf70c11d82a406d4feb20d56a7aaf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds18W3PMF2-RWcddDbesIhl82xefrPaHBumULBFqnwYISKY3QKue7ROfKn2BkcDOGzc5b13G0Jn4PPjerkidz2oN1wsIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99490
last-modified
Thu, 03 Feb 2022 08:52:21 GMT
server
UploadServer
etag
"c25850fe78ae42eb3868dd802a1d8f85"
vary
Accept-Encoding
x-goog-hash
crc32c=b8VW8Q==, md5=wlhQ/niuQus4aN2AKh2PhQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1643878340978598
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99490
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 07 Feb 2022 14:54:41 GMT
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&w=945&h=532&cbb=4245381181
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://justthenews.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&w=945&h=532&cbb=4245381182
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://justthenews.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/243572/0/ 		168 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/243572/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&w=945&h=532&cbb=4245381182
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://justthenews.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&w=945&h=532&cbb=4245381183
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://justthenews.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=justthenews.com&rs=justthenews.com&sid=98810&t=1644245380&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=945&he=532&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1644245380973-947365533244-006081-012-004056&cha=0.7&stagid=&stplid=&d35=&d36=6.1.3&cb=16079844809&cd1=4.130.0&cd4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&cd5=default&d9=1000&d37=realtime&AV_WIDTH=945&AV_HEIGHT=532&nid=56ea678d181f46c76f8b45fb&ncid=609aa2159b1ed0632a75e147&e=request&cb=1644245381184&asid=609aa2124fea5b3a68425f59%2C5ee3d57071193a26344a4076%2C60ebfe94ebe867570438e997%2C61129c5f0e70e663bd7c5b71%2C5e1b272e28a06142643c20cd%2C5ddfcaee28a06109914a6e5c%2C5fc4ee1ef674bd4e663d49dc%2C5fbe5add3443ef680f0480d7%2C609aa212d4b96668797082fa%2C61b754ed61c198758737a774%2C5fa2711a54dbb238c9289f7d%2C5fd1f2cc9772f87a350a855b%2C5fbe5d4370a94c4b696b7ccc%2C60c60c3b1731ed2b383f0908&ofpr=%2C%2C%2C%2C3%2C2%2C3.5%2C%2C%2C%2C2%2C1.5%2C2.8%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-109-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame B000 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b161a452760e628e5d4e19573320eff7833f5da41a399d8fe332dcf191a49afa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48978
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9705
Expires
Tue, 08 Feb 2022 04:25:59 GMT
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/b912781d-06d4-4d57-b1f4-062ed152cfeb/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:18:52 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age
52249
x-amzn-requestid
60d90c4a-81eb-471b-aa20-e9b36a551b02
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
NJTJCHY6iYcF7TA=
content-length
555
x-amz-cf-id
wOJEA2cduHnPI4MYFudJSXH1axKSH-9BsNAED26bdBtXQv-sRu5Z8Q==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/b912781d-06d4-4d57-b1f4-062ed152cfeb/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.188.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-188-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03019ccf62b2bc924f2ff0be6fd1b8757e9d957dd3f704edfd792fe9e7d8b22c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 07 Feb 2022 10:51:38 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 10:51:30 GMT
server
AmazonS3
age
14284
etag
W/"3835fd1b56b3844068b57efa6650428e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Ii2jhxmjfv9mSegAdGfXOVYZ4_KRreLt
via
1.1 84465451fc5898ca8155a82c8976074e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C2
content-type
application/javascript
x-amz-cf-id
g5r_JnXO1F_m75Q7wK4h2zu8L-FZf6cfR0WXOYGdwDljLk1tuwUvyg==
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		90 KB
90 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c6f411711cb8cb582b42f6d68ecd641759f0739778d2423d7b40a6cafe35f9a2

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-91931

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-91931/924772
Connection
keep-alive
Content-Length
91932
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1644245381241&sessionId=243783d5-f625-0725-43f9-b79da92065ec&url=justthenews.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
06641460be417c4859887954138f0280
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&idx=0&rand=45360&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=243783d5-f625-0725-43f9-b79da92065ec&fdu=justthenews.com&px=408&py=5005&vpd=3805&cw=701&activeTab=true&darkMode=false&settings=true&recs=true&version=2000582&sig=uOk17Ih1&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14ee731c3ac8b15c2d268050a9ad9ff660e34042b614b70fe72c5013032e2b49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1644245381.275931,VS0,VE246
accept-ranges
bytes
x-served-by
cache-lga21929-LGA, cache-hhn4031-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
b392b70649a1998e5be077576fcff74a
content-encoding
gzip
content-length
17642
expires
Thu, 01 Jan 1970 00:00:00 GMT
6
m.stripe.com/ Frame 6065 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.63.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-63-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
069255395e6d128d19df5114fe35bdefb24ebf3f4b08dbe85ff0019629ad9bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
logo.svg
justthenews.com/themes/custom/jtn/ Frame 2C20 		22 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/themes/custom/jtn/logo.svg
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.70828.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd5d08d59e73754e87baf8ca95ac95fce4d5f07dfd8482de957bf202b975b85
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
content-encoding
gzip
etag
W/"61f2c43e-590c"
age
830825
x-pantheon-styx-hostname
styx-fe3-b-7766ff95df-h9b8f
x-cache
HIT, HIT
x-cloud-trace-context
d61b09fe764f4fd78d7b0d69ef83a9a7/17721188410362818014;o=0
content-length
10203
x-served-by
cache-mdw17333-MDW, cache-mxp6971-MXP
access-control-allow-origin
*
last-modified
Thu, 27 Jan 2022 16:11:42 GMT
server
nginx
traceparent
00-d61b09fe764f4fd78d7b0d69ef83a9a7-f5ee4ef7e571edde-00
x-timer
S1644245381.273252,VS0,VE0
date
Mon, 07 Feb 2022 14:49:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish, 1.1 varnish
expires
Sat, 28 Jan 2023 16:13:39 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
1678ed38-7f8c-11ec-a554-eeb185e110ef
x-cache-hits
2, 2
usync.js
eus.rubiconproject.com/ Frame FD89 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b161a452760e628e5d4e19573320eff7833f5da41a399d8fe332dcf191a49afa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48978
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9705
Expires
Tue, 08 Feb 2022 04:25:59 GMT
m.js
cheqzone.b-cdn.net/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheqzone.b-cdn.net/m.js?v=30
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
56
cdn-storageserver
DE-169
cdn-cachedat
01/28/2022 22:32:07
cdn-pullzone
47782
server
BunnyCDN-DE1-756
last-modified
Sun, 01 Mar 2020 11:55:08 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5e5ba29c-2970"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
b50007d976b33dab510e8e680a726de1
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1644245381360&sessionId=243783d5-f625-0725-43f9-b79da92065ec&url=justthenews.com&cheqSource=1&cheqEvent=2&responseTime=689
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
f0853d9b36d66f5907335c87bcb14bd8
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136eeac531ef44829c9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474cef498fbd38e820db61c35286572aff2c03fc1e145129ca5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02b0616e96569a1920a63efc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779681efa286bee71d7bf57bb4b8ae7c003dbcd16b99b043bb471553860f5e81d6c38681eb923bce6a88de93a349cd5c5513a2377c94c1924a7080bf20f15bbdc14ac620fb79144a07cc67eb0d8693a829bed3698752a798ccd527d6194c7aec480259794579d2bd2fb548db819229b59063b0933dd181a4ec7a99b7f710777f82fc594fc3b0194b4de4ebe47bfc6bc4be09bbfd76ed3bbd62cd0a8a45caf962930762a7b3c73a667b3540375a1e42b7a1ce33845bf31c101434adfc0f8ac65b59e3e982effe3591bcf6e094acfae3414e20e905d3e71a31dd516f1acb711f2d7efc10ae6a1ac2e2dd608866cb268ea330ceb90e85660921211e61159cc4f8c63f7d5586054395d1b4a7a299410f8cc4c86f8add2169d2d30e2e2ca883d3523da564d01dd94fa14cc457858c4aa6ed20e8dfca97cd5b70aca02969823b&cb=1644245381359&cri=1cOlfwyU2j
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
age
15978907
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
8vplyY-K1qlLNtpoSDfrCDKUrnXD6W0n-VTFEastQR38B3bHOEy4gw==
cygnus
htlb.casalemedia.com/ 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=373647&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213adbfd14fc97f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222ad347419b3db1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373647%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B945%2C532%5D%5D%2C%22w%22%3A945%2C%22h%22%3A532%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22playbuzz.com%22%2C%22sid%22%3A%220016M00002IehyBQAR%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e8ee962b40c7092069f54d742c03a6a40817e55ad6121deb0aae97e5bb66513a

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://justthenews.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 14:49:41 GMT
mvo
tag.1rx.io/rmp/203144/0/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://justthenews.com
pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216551/0/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://justthenews.com
pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=373648&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221140b61220b962%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22122ec85420b02c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373648%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B945%2C532%5D%5D%2C%22w%22%3A945%2C%22h%22%3A532%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22playbuzz.com%22%2C%22sid%22%3A%220016M00002IehyBQAR%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a08f235f8d846d2d6f5455b94acb77aec9368b42987f9c72d9a0bad03b6ff8bf

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:49:41 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://justthenews.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 14:49:41 GMT
YgExhMOCL5RgFggK24zkFQAABMQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FB0D 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgExhMOCL5RgFggK24zkFQAABMQAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5da:b029:1b25:7ea6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame FB0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame FB0D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGdqE7EAmMAAHB-dHKLtQ&expiration=1645454981&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGdqE7EAmMAAHB-dHKLtQ&expiration=1645454981&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGdqE7EAmMAAHB-dHKLtQ&expiration=1645454981&gdpr=1
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame FB0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4082362253880754577
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4082362253880754577
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4082362253880754577
pragma
no-cache
date
Mon, 07 Feb 2022 14:49:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame FB0D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.197.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-197-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
ibs:dpid=23728&dpuuid=YgExhMOCL5RgFggK24zkFQAA%261220
dpm.demdex.net/ Frame FB0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YgExhMOCL5RgFggK24zkFQAA%261220?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.176.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-176-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame FB0D
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca330865-f6ac-480f-947c-2fa3473e87fc
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca330865-f6ac-480f-947c-2fa3473e87fc
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 14:49:41 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca330865-f6ac-480f-947c-2fa3473e87fc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
bridge
cm.adgrx.com/ Frame FB0D 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:41 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
cookiesyncendpoint
sync.aniview.com/ Frame FB0D 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1644245380973-947365533244-006081-012-004056&biddername=42&key=YgExhMOCL5RgFggK24zkFQAA%261220
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1644245380973-947365533244-006081-012-004056%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-85-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
content-length
0
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		193 KB
193 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
dd69588ec05b39d041d9680897be251899eb05ad7a531b3726d4c4b2bde70ed2

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=91932-289331

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 91932-289331/924772
Connection
keep-alive
Content-Length
197400
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		146 KB
146 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fa24aff727aa417d59029a13d5e0b9c7bc16af53d408087f683baf66b304ce80

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=289332-438415

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 289332-438415/924772
Connection
keep-alive
Content-Length
149084
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
/
www.facebook.com/tr/ Frame F0D1 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://justthenews.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Mon, 07 Feb 2022 14:49:41 GMT
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1639997226.754678"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Wed, 09 Mar 2022 14:49:41 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 09 Mar 2022 14:49:41 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=d241d6588c3459fdb4b9f1caee904ae8_39627_1644245381468&tm=1020&eT=0&widgetWidth=701&widgetHeight=574&widgetX=409&widgetY=5005&wRV=2000582&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&cheq=2&rtt=290&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Mon, 07 Feb 2022 14:49:41 GMT
content-encoding
gzip
X-TraceId
5f4ea94fe3d220ad4b124d1b83ee59ab
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		274 KB
275 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
f647f8ac25634ecb113a505d3b3291e18f1fe55c5a06cfec1dcd7bcfc812fa91

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=438416-719099

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 438416-719099/924772
Connection
keep-alive
Content-Length
280684
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		176 KB
177 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1fd12395504c982c182468c7c428a91caae2ce58ba794615401e563e3aea0714

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=719100-899579

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 719100-899579/924772
Connection
keep-alive
Content-Length
180480
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/ 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1644007300/landscapea616464c-18bb-4457-b5bf-c2d9bf01db49_1644007300466.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
51a9f4c4a71b499acc543c69db898b7c65c8588f4981bcd0734f56e171eb2e9b

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=899580-924771

Response headers

Date
Mon, 07 Feb 2022 14:49:41 GMT
Cache-Tag
173455578036285356254544881974673795778,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 899580-924771/924772
Connection
keep-alive
Content-Length
25192
X-Served-By
cache-dca17759-DCA
Last-Modified
Fri, 04 Feb 2022 20:51:50 GMT
Server
cloudinary
X-Timer
S1644008034.752217,VS0,VE69
ETag
"9913b93ad4bd82b55017bbcbc49c1c3e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31320269
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
v2isci8ZVJaOH8F3J0EJfkOlDkjw3Cs-vE94tCr4jC009RLDYqRW9T4z7UO2eF88xvfc2mGTN
sulkycook.com/ 		209 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2isci8ZVJaOH8F3J0EJfkOlDkjw3Cs-vE94tCr4jC009RLDYqRW9T4z7UO2eF88xvfc2mGTN
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2vuvkGkLRglT19yAdVWPei8aLke2l6BXo5xid0Vy9dqcow2ZMdajfCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9d90d8258602548bcdbbe3d660e017ee63403bad5559f046e765f39c3fc20a03
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 07 Feb 2022 14:49:41 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
content-type
application/json; charset=utf-8
access-control-allow-origin
https://justthenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
462028888
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 07 Feb 2022 14:49:40 GMT
khaos.jpg
token.rubiconproject.com/ Frame B000 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
v2ctss7thGPdr6eh4NpzkbX2DeYfV6BLbxFK2Fur42lFfslovFQa-jJuBEoBVQ9e8_VszmOe9
sulkycook.com/ 		3 B
37 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2ctss7thGPdr6eh4NpzkbX2DeYfV6BLbxFK2Fur42lFfslovFQa-jJuBEoBVQ9e8_VszmOe9
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2vuvkGkLRglT19yAdVWPei8aLke2l6BXo5xid0Vy9dqcow2ZMdajfCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 07 Feb 2022 14:49:41 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
content-type
application/json; charset=utf-8
access-control-allow-origin
https://justthenews.com
access-control-allow-credentials
true
x-buildnumber
462028888
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
sync.php
pixel.rubiconproject.com/exchange/ Frame B000 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=justthenews.com&rs=justthenews.com&sid=98810&t=1644245380&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=945&he=532&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1644245380973-947365533244-006081-012-004056&cha=0.7&stagid=&stplid=&d35=&d36=6.1.3&cb=16079844809&cd1=4.130.0&cd4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&cd5=default&d9=1000&d37=realtime&AV_WIDTH=945&AV_HEIGHT=532&nid=56ea678d181f46c76f8b45fb&ncid=609aa2159b1ed0632a75e147&e=bid&cb=1644245381884&asid=609aa2124fea5b3a68425f59%2C5ee3d57071193a26344a4076%2C60ebfe94ebe867570438e997%2C609aa212d4b96668797082fa&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-109-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame FD89 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CD93 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Mon, 07 Feb 2022 14:49:42 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame FD89 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type
image/gif
nr-1215.min.js
js-agent.newrelic.com/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1215.min.js
Requested by
Host: justthenews.com
URL: https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding
gzip
etag
"615035bb6557b191e767e19087efabaf"
x-amz-request-id
Q3HY1PNXY8TR1JKC
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13666
x-amz-id-2
vufw9riA1/AZuDRdL2YM0H7A49KcGNwlGDUuSDYJ2ktT+9HT9gECAeZa/fHF13NGGalFATZWX8c=
x-served-by
cache-hhn4030-HHN
last-modified
Mon, 24 Jan 2022 22:13:53 GMT
server
AmazonS3
x-timer
S1644245382.288169,VS0,VE0
date
Mon, 07 Feb 2022 14:49:42 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
473
NRJS-15a968d5fbd6dc57745
bam-cell.nr-data.net/1/ 		49 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/NRJS-15a968d5fbd6dc57745?a=472043694&v=1215.1253ab8&to=NQBWNURUCEJRWkFYWAxKdQJCXAlfH0lUVlI9BlUCXlA%3D&rst=2547&ck=1&ref=https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&ap=13&be=219&fe=2497&dc=647&perf=%7B%22timing%22:%7B%22of%22:1644245379758,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:33,%22ce%22:60,%22rq%22:60,%22rp%22:195,%22rpe%22:200,%22dl%22:198,%22di%22:648,%22ds%22:648,%22de%22:657,%22dc%22:2497,%22l%22:2497,%22le%22:2498%7D,%22navigation%22:%7B%7D%7D&fp=483&fcp=483&at=GUdVQwxOG0w%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 14:49:43 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6d9d6d279ad6692d-FRA
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/a9d47bdf-2cb2-412d-8e40-08f3ea1f7df6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://justthenews.com
date
Mon, 07 Feb 2022 14:49:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1644245382350&cid=609aa2159b1ed0632a75e147&VERSION=4.130.0&AV_PAGE_LOAD_UID=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_CDIM4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-109-72.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
371.json
id5-sync.com/g/v2/ 		213 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
3692e10530b291798a245cf35c7ba982a680a6492af11ff55b42e3b426a2efec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://justthenews.com
Date
Mon, 07 Feb 2022 14:49:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
ixmatch.html
js-sec.indexww.com/um/ Frame D3BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 07 Feb 2022 14:49:42 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EE8B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=92947
expires
Tue, 08 Feb 2022 16:38:49 GMT
date
Mon, 07 Feb 2022 14:49:42 GMT
vary
Accept-Encoding
7BEB305D-64BB-41C8-B1AC-34D28674217C.jpeg
justthenews.com/sites/default/files/styles/square/public/2022-02/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/sites/default/files/styles/square/public/2022-02/7BEB305D-64BB-41C8-B1AC-34D28674217C.jpeg?h=279670ce&itok=q4d_DbNL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa2efb5ea40ddbc19a7b5cecf2410f5e34484fe7d56f413ab3718ca60cac4736
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"62008f9c-5aaa"
age
41450
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-pgdbp
x-cache
HIT, HIT
x-cloud-trace-context
6a3bfe0ab1a64b9fa3aa4b0edef7491b/17197959948251412161;o=0
content-length
23210
x-served-by
cache-mdw17361-MDW, cache-mxp6971-MXP
last-modified
Mon, 07 Feb 2022 03:18:52 GMT
server
nginx
traceparent
00-6a3bfe0ab1a64b9fa3aa4b0edef7491b-eeab6d7448ebb6c1-00
x-timer
S1644245382.400470,VS0,VE1
date
Mon, 07 Feb 2022 14:49:42 GMT
content-type
image/jpeg
x-styx-req-id
ad271012-87c4-11ec-9b14-723439186d04
expires
Wed, 08 Feb 2023 03:18:53 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
GettyImages-1368622893.jpg
justthenews.com/sites/default/files/styles/square/public/2022-02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/sites/default/files/styles/square/public/2022-02/GettyImages-1368622893.jpg?h=199d8c1f&itok=48rrTu9_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a39346e807b5eee270ff07047bd57e8f9962fb6d8b2d4e59a36e8e7a692da81b
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"61fd7e98-974b"
age
242411
x-pantheon-styx-hostname
styx-fe3-b-7766ff95df-rdj97
x-cache
HIT, HIT
x-cloud-trace-context
6ffe93df79664323b085284f7271a408/7327427840610751502;o=0
content-length
38731
x-served-by
cache-mdw17365-MDW, cache-mxp6971-MXP
last-modified
Fri, 04 Feb 2022 19:29:28 GMT
server
nginx
traceparent
00-6ffe93df79664323b085284f7271a408-65b040cc74e9540e-00
x-timer
S1644245382.400658,VS0,VE1
date
Mon, 07 Feb 2022 14:49:42 GMT
content-type
image/jpeg
x-styx-req-id
c6d52f8d-85f0-11ec-9342-1e243dc0e655
expires
Sun, 05 Feb 2023 19:29:31 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
GettyImages-1361905307.jpg
justthenews.com/sites/default/files/styles/square/public/2021-12/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/sites/default/files/styles/square/public/2021-12/GettyImages-1361905307.jpg?h=87593250&itok=4qZBBVIb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b81c0fc346edff68a5e7eebac1ac6163f732bd2a0e071757e005d9e0fe7a60a8
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"61d06d7b-9d27"
age
828975
x-pantheon-styx-hostname
styx-fe3-a-58f8d96898-gqdmn
x-cache
HIT, HIT
x-cloud-trace-context
b033fcef975f44569af5af39ac66d89c/28760881811738788;o=0
content-length
40231
x-served-by
cache-mdw17344-MDW, cache-mxp6971-MXP
last-modified
Sat, 01 Jan 2022 15:04:27 GMT
server
nginx
traceparent
00-b033fcef975f44569af5af39ac66d89c-00662dde9fd0d0a4-00
x-timer
S1644245382.400742,VS0,VE1
date
Mon, 07 Feb 2022 14:49:42 GMT
content-type
image/jpeg
x-styx-req-id
ddfdebab-76ce-11ec-b151-9a91cfbce423
expires
Tue, 17 Jan 2023 13:19:00 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
usermatch
ssum-sec.casalemedia.com/ Frame 2379 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPUAmjmPUAmjmAGABCENCBCgAAAAAH_AAAYgAAAQTAIMBAUAAAEEAAAIECIQAAQgiQAAAABBCABQBIAEqgACVwERgIAACAxAQgAAgBAQgwCAAAAAJAAgBACwQCAACAQAAgAEAAAAEIAIDACwEAAAEAJCAAiACECAgiAAg5DAgIACCAFABAAAOJDACAMsoASBAAAAAAAAAAAAAAAAAAAAAABATGQBABHADLAN4AmIaABAXQIgCgBWAGWAQAA1gB1RIAIBdADfwgAIApYDAgkAsABAAVgBlgEAAMUAawA3gCYgEygLQAbeFABACKAF8GgDgBWAGWAQAAgoBrADeAHVDgAgF0AN_FQBQBHADLAN4AmIBuQsACAugdAJACsAWIAuoBigDqALQAXaA0QBt48AIAIoAXwBGQG_kIAwAjgChgGKAOoAu0BohEAEAL4AjJKAQAAgAD4AbQC6gGKAOoAu0Bt5MAEARkBv5SAIAUMBJwC7QG3lQAQAvgG_gAAA.YAAAAAAAAAAA&d=https://justthenews.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 14:49:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 14:49:42 GMT
Content-Length
54
Connection
keep-alive
GettyImages-1275835901.jpg
justthenews.com/sites/default/files/styles/square/public/2022-02/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://justthenews.com/sites/default/files/styles/square/public/2022-02/GettyImages-1275835901.jpg?h=2227c10e&itok=tetw9xOu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c9fb4ef4005f9eeea89fc6566ea2c90c642334649e3889a012ea53d90932289f
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/world/asia/peter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish
etag
"61ff4627-b9e7"
age
125790
x-pantheon-styx-hostname
styx-fe3-a-b5f76b597-pgdbp
x-cache
HIT, HIT
x-cloud-trace-context
b12fa6dcc0614f06b055fffb82b9b4e5/16604561592288124772;o=0
content-length
47591
x-served-by
cache-mdw17331-MDW, cache-mxp6971-MXP
last-modified
Sun, 06 Feb 2022 03:53:11 GMT
server
nginx
traceparent
00-b12fa6dcc0614f06b055fffb82b9b4e5-e66f40cb1f6d9f64-00
x-timer
S1644245383.667734,VS0,VE1
date
Mon, 07 Feb 2022 14:49:42 GMT
content-type
image/jpeg
x-styx-req-id
4e295ece-8700-11ec-9b14-723439186d04
expires
Tue, 07 Feb 2023 03:53:12 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame FCD2 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 06 Feb 2022 09:23:35 GMT
expires
Mon, 06 Feb 2023 09:23:35 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
105967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CD93 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Feb 2022 14:49:42 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame FDD8 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 06 Feb 2022 09:23:35 GMT
expires
Mon, 06 Feb 2023 09:23:35 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
105967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 91FA 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 06 Feb 2022 09:23:35 GMT
expires
Mon, 06 Feb 2023 09:23:35 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
105967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 9E53 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 06 Feb 2022 09:23:35 GMT
expires
Mon, 06 Feb 2023 09:23:35 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
105967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D592 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Feb 2022 15:30:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6025 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Feb 2022 15:30:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D6CE 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Feb 2022 15:30:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E79F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://justthenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Feb 2022 15:30:47 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame FCD2 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_justthenews.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&cust_params=publisher_name%3Djustthenews.com&env=vp&correlator=433977423647854&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=Wisconsin%20Republicans%20look%20at%20constitutional%20ban%20on%20Zuckerbucks&vid_d&vid_kw&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=2481014435&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=490A84AE-C309-49B6-A445-F27A09B2D4B7&nel=0&eid=44725355%2C44738437%2C44752711&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&dlt=1644245380302&idt=2813&dt=1644245383297&scor=4334003288679556&ged=ve4_td3_tt0_pd3_la3000_er694.165.855.465_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame FDD8 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1300680169227907&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=2611010866&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=490A84AE-C309-49B6-A445-F27A09B2D4B7&nel=0&eid=44725355%2C44738437%2C44752711&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&dlt=1644245380302&idt=2781&dt=1644245383322&scor=2629251021338807&ged=ve4_td3_tt0_pd3_la3000_er694.165.855.465_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 91FA 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1873631891007788&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=1414225256&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=490A84AE-C309-49B6-A445-F27A09B2D4B7&nel=0&eid=44725355%2C44738437%2C44752711&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&dlt=1644245380302&idt=2747&dt=1644245383329&scor=1551617451609268&ged=ve4_td3_tt0_pd3_la3000_er694.165.855.465_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 9E53 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_justthenews.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&cust_params=publisher_name%3Djustthenews.com&env=vp&correlator=4466798978111530&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=Wisconsin%20Republicans%20look%20at%20constitutional%20ban%20on%20Zuckerbucks&vid_d&vid_kw&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=218974288&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=490A84AE-C309-49B6-A445-F27A09B2D4B7&nel=0&eid=44725355%2C44738437%2C44752711&url=https%3A%2F%2Fjustthenews.com%2Fworld%2Fasia%2Fpeter-schweizers-red-handed-how-china-and-us-elites-are-profiting-expense-america&dlt=1644245380302&idt=2856&dt=1644245383343&scor=4134720403935365&ged=ve4_td3_tt0_pd3_la3000_er694.165.855.465_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=justthenews.com&rs=justthenews.com&sid=98810&t=1644245380&cip=217.64.151.5&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=945&he=532&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1644245380973-947365533244-006081-012-004056&cha=0.7&stagid=&stplid=&d35=&d36=6.1.3&cb=16079844809&cd1=4.130.0&cd4=a7fecc3f-f14d-4ae4-9f78-b4284e66936d&cd5=default&d9=1000&d37=realtime&AV_WIDTH=945&AV_HEIGHT=532
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.186.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-186-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://justthenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 14:49:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| NREUM object| newrelic function| __nr_require object| dataLayer object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier object| googletag function| __tcfapi function| __uspapi object| _sp_ object| _sp_ccpa object| core undefined| $ function| jQuery object| drupalSettings object| Drupal object| __webpackStripeJSv3Jsonp function| Stripe object| Cookies object| lazySizesConfig boolean| apstagLOADED object| apstag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| webpackChunkMediaTradecraft_Template object| pbjs string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids function| Hls object| lazySizes object| _sp_queue function| av_sciv_hndlr1644245380636 object| storageAni function| google_sa_impl object| googleToken object| googleIMState function| pbjsChunk object| _pbjsGlobals object| mnet object| gaplugins object| gaGlobal object| gaData object| __ctcg_65349_0_exec function| admiral object| ats object| ID5 object| PublisherCommonId object| _sp_ccpa_queue object| __connect function| 4dm1r11545242527 number| google_global_correlator object| closure_lm_4067

89 Cookies

Domain/Path Name / Value
justthenews.com/world/asia Name: exco-uid
Value: 1t6482ymchnpkdtd
justthenews.com/ Name: _sp_v1_uid
Value: 1:284:ead8647d-62d7-4a76-b2f4-60296557e42d
.yahoo.com/ Name: A3
Value: d=AQABBIQxAWICEFguO8JpnwbR0LQQT_8mJvsFEgEBAQGDAmILYgAAAAAA_eMAAA&S=AQAAAv9ASSdIRsNH1RPv5-V5gsU
justthenews.com/ Name: _sp_v1_data
Value: 2:417019:1644245380:0:1:0:1:0:0:_:-1
justthenews.com/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqLxM_JADIPaWFwmUVFCKRYAB1aS3L0AAAA%3D
justthenews.com/ Name: _sp_v1_opt
Value: 1:
justthenews.com/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
justthenews.com/ Name: _sp_v1_csv
Value: null
justthenews.com/ Name: _sp_v1_lt
Value: 1:
.justthenews.com/ Name: consentUUID
Value: a963c492-0c31-468d-b733-d86cd4611a79
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtDQ3NAZCI0MjIT5DXdMsk2yTInMXt5zIcileQzMTEyMTU2MLAzMjcwCpZJDkNAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtDQ3NAZCI0MjIT5DXdMsk2yTInMXt5zIcgBa-b_CJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmJiZGJqbGFgZmQOAHSe5rcQAAAA
.lijit.com/ Name: ljt_reader
Value: 4d62000023bb361b3151333a
.casalemedia.com/ Name: CMID
Value: YgExhMOCL5RgFggK24zkFQAA
.casalemedia.com/ Name: CMPS
Value: 5199
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~233q
.gumgum.com/ Name: vst
Value: e_779e695b-d39f-40f6-80d7-3daae10fc387
.smartadserver.com/ Name: pid
Value: 5936013650851756463
.casalemedia.com/ Name: CMPRO
Value: 1220
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.adnxs.com/ Name: uuid2
Value: 4820658710785878206
.justthenews.com/ Name: _ga
Value: GA1.2.209220356.1644245381
.justthenews.com/ Name: _gid
Value: GA1.2.320934947.1644245381
.justthenews.com/ Name: _gat_UA-156171718-1
Value: 1
.servenobid.com/ Name: pid_324
Value: 5141210819713131212
.servenobid.com/ Name: pid_337
Value: y-oJjabOtE2uEiyjHqJt25A3Ks47lwKtZO3Ii5yvE-~A
.a-mo.net/ Name: amuid2
Value: b31ab47e-3c22-4d2b-bdc1-b51f333e2421
.servenobid.com/ Name: pid_317
Value: 5936013650851756463
.servenobid.com/ Name: pid_310
Value: 4d62000023bb361b3151333a
.bidswitch.net/ Name: tuuid
Value: 2df4b741-9ab0-4f7f-8881-dbad0b8058a7
.bidswitch.net/ Name: c
Value: 1644245380
.bidswitch.net/ Name: tuuid_lu
Value: 1644245380
.adsrvr.org/ Name: TDID
Value: 0710b751-6540-4829-b553-19f3ac610e33
.openx.net/ Name: i
Value: b381d4f9-9b08-4f8a-85ae-3cd54ce3313c|1644245380
.servenobid.com/ Name: pid_309
Value: e_779e695b-d39f-40f6-80d7-3daae10fc387
.quantserve.com/ Name: d
Value: EHsBDQGxJYir0QA
.quantserve.com/ Name: mc
Value: 62013184-eb406-d9a33-961d3
.servenobid.com/ Name: pid_333
Value: YgExhMOCL5RgFggK24zkFQAABMQAAAAB
.servenobid.com/ Name: pid_327
Value: b31ab47e-3c22-4d2b-bdc1-b51f333e2421
.servenobid.com/ Name: pid_312
Value: 4820658710785878206
.mathtag.com/ Name: uuid
Value: 0dc06201-3184-4f00-b108-4b76753dd148
.creativecdn.com/ Name: u
Value: e8iKZ22KyF5NlGP0S2Rc
.creativecdn.com/ Name: ts
Value: 1644245380
.justthenews.com/ Name: _fbp
Value: fb.1.1644245381005.822890291
.owneriq.net/ Name: si
Value: Q6975317812142490646
.owneriq.net/ Name: p2
Value: cc
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003%22%2C%22nxtrdr%22%3Afalse%7D
.facebook.com/ Name: fr
Value: 067vmt0eD0RsswMoZ..BiATGF...1.0.BiATGF.
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjOr7XW-ZS1OhAFOAFaC2FkY29uZHVjdG9yYAI.
.bidr.io/ Name: bito
Value: AAGdqE7EAmMAAHB-dHKLtQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.aniview.com/ Name: aniC
Value: 1644245380973-947365533244-006081-012-004056
.doubleclick.net/ Name: IDE
Value: AHWqTUlGIDgUMC2mS7bwu-j_R-8YoNleRCn7pGHeogQmFIVWnZeEskMdu0YAqBDID_g
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgExhQAEcdicKABB
.casalemedia.com/ Name: CMST
Value: YgExhGIBMYUA
.postrelease.com/ Name: opt_out
Value: 1
.smartadserver.com/ Name: csync
Value: 127:AAGdqE7EAmMAAHB-dHKLtQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-48ba9e82-18fd-4013-aa14-557ab1ef151b-003%22%7D
.360yield.com/ Name: tuuid
Value: 4a707b97-17a7-4863-b377-6cf6bad09773
.360yield.com/ Name: tuuid_lu
Value: 1644245381
ads.avct.cloud/ Name: uuid
Value: f8c3d737-f922-4081-87e5-6acd8e1b8c7a
.justthenews.com/ Name: ccpaUUID
Value: 7eb5e3ef-9b9d-462d-b119-f44de991760f
.justthenews.com/ Name: dnsDisplayed
Value: true
.justthenews.com/ Name: ccpaApplies
Value: false
.justthenews.com/ Name: signedLspa
Value: false
.technoratimedia.com/ Name: tads_uid
Value: GDPR
justthenews.com/ Name: _lr_geo_location
Value: DE
.outbrain.com/ Name: obuid
Value: 6785afdf-853f-48db-99c2-35ad18578af6
.zemanta.com/ Name: zuid
Value: bN4y76HcspodnsQZicye
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f48fa236-a52d-4553-631d-b1943de0ce89.wzkrtG99QDSXpFcLGMbLKiqtH4Dn0%2ForsDAkdqBHYHM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-f48fa236-a52d-4553-631d-b1943de0ce89%24ip%24217.64.151.5.hkVLGcDGqv%2Bcfxzr98%2FNeTGNOsUQv25Ll6B6tVq0%2Bdg
.ipredictive.com/ Name: cu
Value: 2e442d4a-8825-11ec-9dac-e19a0e84bc3f|1644245381303
justthenews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cce137033e689945
.turn.com/ Name: uid
Value: 4082362253880754577
m.stripe.com/ Name: m
Value: 760dcef1-ecaa-4227-a35d-cac29fa704c7b6df99
.justthenews.com/ Name: __stripe_mid
Value: 74897fed-3a8e-4056-a751-ec6cba2fbda15a2786
.justthenews.com/ Name: __stripe_sid
Value: a2c04386-982a-4a24-a41a-896b68c890de17f629
.aniview.com/ Name: 2_C_42
Value: YgExhMOCL5RgFggK24zkFQAA&1220
sync.aniview.com/ Name: 2_C_42
Value: YgExhMOCL5RgFggK24zkFQAA&1220
.justthenews.com/ Name: _awl
Value: 2.1644245381.0.5-b51981831b9945ecef71e90560fcc227-6763652d6575726f70652d7765737431-0
.casalemedia.com/ Name: CMRUM3
Value: 27620131840b40&82620131852760AAGdqE7EAmMAAHB-dHKLtQ&f16201318405a0&496201318505a0&e6620131842760&2e6201318505a0&bc6201318505a00&98620131852760ca330865-f6ac-480f-947c-2fa3473e87fc&40620131852760no-consent&bf6201318405a0&296201318505a0&1f6201318405a00&046201318527604082362253880754577&2d6201318405a0&58620131852760YgExhQAEcdicKABB&da620131852760
.mfadsrvr.com/ Name: tuuid
Value: 2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
.mfadsrvr.com/ Name: c
Value: 1644245381
.mfadsrvr.com/ Name: tuuid_lu
Value: 1644245381
.mfadsrvr.com/ Name: ssh
Value: !outbrain,1644245381
.outbrain.com/ Name: mdfrc
Value: 2cd49f8b-4fd5-4fa9-8ed1-2a14da2351a8
.nr-data.net/ Name: JSESSIONID
Value: 466a07fb886d050d

1 Console Messages

Source Level URL
Text
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01.cdn.mediatradecraft.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
atrack.avplayer.com
ats.rlcdn.com
b1sync.zemanta.com
bam-cell.nr-data.net
bh.contextweb.com
c.amazon-adsystem.com
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cdn.id5-sync.com
cdn.playbuzz.com
cdn.privacy-mgmt.com
cdnjs.cloudflare.com
ce.lijit.com
cheqzone.b-cdn.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
jadserve.postrelease.com
js-agent.newrelic.com
js-sec.indexww.com
js.stripe.com
justthenews.com
log.outbrainimg.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mcd.ex.co
mcdp-nydc1.outbrain.com
message.sp-prod.net
micro.rubiconproject.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid.a-mo.net
premiumsrv.aniview.com
public.servenobid.com
px.owneriq.net
q.stripe.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
sulkycook.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.1rx.io
tag.targeting.unrulymedia.com
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
track1.aniview.com
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.111.215.191
104.111.219.144
104.111.242.53
104.89.20.125
104.92.74.8
108.156.255.177
108.157.4.74
124.146.215.44
142.250.184.226
147.75.38.124
150.136.222.2
151.101.114.132
151.101.130.49
151.101.66.132
151.101.66.137
162.247.243.147
169.197.150.7
172.217.16.130
178.162.133.149
18.185.192.100
18.194.56.109
18.195.155.181
18.203.130.18
18.208.85.173
18.235.17.58
18.66.112.111
18.66.112.41
18.66.112.83
18.66.248.26
18.66.248.53
185.184.8.65
185.29.132.241
185.33.221.15
185.33.223.38
185.86.137.121
185.86.138.114
193.0.160.128
198.148.27.139
2.16.186.139
2.18.233.180
2.18.233.56
2.18.234.190
2.18.234.21
2001:678:cb4:bbbb::11
204.237.133.116
209.54.176.128
213.19.147.42
213.19.147.45
216.52.2.48
23.22.109.72
23.37.38.181
23.58.216.21
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:218f:a400:8:48e:53c0:93a1
2600:9000:223e:5200:19:7d10:bd80:93a1
2600:9000:224a:1200:1b:5138:8a40:93a1
2600:9000:2251:2600:0:bed9:b980:93a1
2606:4700::6810:135e
2620:116:800d:21:51e4:db4b:4436:b305
2620:12a:8001::3
2620:1ec:bdf::69
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c1b::9c
2a02:26f0:12d:4ab::2c79
2a02:26f0:6c00::210:bb91
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:5da:b029:1b25:7ea6
3.124.70.84
3.126.56.137
3.231.0.153
3.33.220.150
34.230.197.238
34.240.176.29
34.243.37.252
34.255.38.72
34.98.64.218
35.186.249.84
44.193.191.16
44.228.63.192
44.238.135.153
46.105.202.126
51.89.21.21
51.89.9.252
52.19.2.69
52.205.96.140
52.222.188.32
52.222.214.123
52.222.236.42
52.5.186.197
54.177.241.193
54.186.23.98
54.205.198.81
54.210.154.62
54.73.209.201
64.202.112.127
64.202.112.255
66.155.71.150
67.202.105.24
69.173.144.139
69.173.144.165
72.251.241.196
8.43.72.98
89.187.169.47
03019ccf62b2bc924f2ff0be6fd1b8757e9d957dd3f704edfd792fe9e7d8b22c
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
069255395e6d128d19df5114fe35bdefb24ebf3f4b08dbe85ff0019629ad9bb9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de9c60981a1f89aed3323c4650be5152f6303e5c354446cc20e40fa2ff12b47
106a9cf1e802e4b4eb79670ac273e521ad3d3df4188772729a308d36573bc6ca
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
14ee731c3ac8b15c2d268050a9ad9ff660e34042b614b70fe72c5013032e2b49
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
18665f0e3aa7ed07c2e0b6eb466e45652b3d90dd88bb89e68e88bce3024f2b1e
1a7fa05e87ccf58cfb7cd25e642144c196f16b989b574d304332bab025bb48b7
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1bbd7775b4648a4c247825d3f5520d8d58f7447815688fda7bc42a78ab5b7c24
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d6ccc8868e042e68108da4db0da8bb4f80136bdc1e6002013a4514d89228036
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fd12395504c982c182468c7c428a91caae2ce58ba794615401e563e3aea0714
2588cd8f2cb9219821b0221c97f954e299b9dbfdc4e6cd1039d54240733b9192
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32af604ef561433e035417383a50be2b0377d64457ccf7b1beae76917d79dab7
3316dd89404c16901728f6fbf9fb3cdb4a2060501542037cecbdb1cfe412dd26
3692e10530b291798a245cf35c7ba982a680a6492af11ff55b42e3b426a2efec
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37d608999440e6d337098883ba786027ed5a8cd27a4182997a4441853606941f
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3bb3691c3ea56f61af84a48aef815d4f7540012c14fa60ab40073dd91efd28a7
3f8ef77b9c7c01d65e053ff64f9aa00fbd5faa19b1e13d1a195a1230a72c5ec9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44999230a85ab93722edda59415c5bf08d35691437ec91921438b1284ae098a9
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
4e3910eeaa9318d1b5498b21ecd55429497fb2d128106145f496884f8b48144b
511ab271ab7ef9130a9fe0d1d53613969f3cc9f9f313d59a0555671a81481ffa
51a9f4c4a71b499acc543c69db898b7c65c8588f4981bcd0734f56e171eb2e9b
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
532a6e8c06fd7fa9ae0f325c0fd0390bfe497b1d0aa5af894630b5de72ac7fa9
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5423b5d24c0143d3d2d970376986d4518c464c1998b716bd4e6f30d22cd7ffbf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
60e5ea2c2766b7b575258e3fcff44679285dd3467f199a0fc315d9182aac3dd6
6133a2d71bc42036919fa9ae7f75621a1fe7d5c04a932554230366d5afbaa197
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61bdf51fbeabbc9aa8651d2b9e8e2c666c8a62683a5296545b2c70ac2cde9e85
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
6fd5d08d59e73754e87baf8ca95ac95fce4d5f07dfd8482de957bf202b975b85
70385f98221f89859dbfe0cc01afa83c0391fcfb7abd14d78bef1027155d7b7b
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
78af591bb6b6aa18d438897344304c3050d3ea4015e971d77fd7e9af7a857d9c
7c62ba7e387d868330d6f36dd9c8afc8bd677779dc917caa2a4cbde20419a0e8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
82ebd542079ea66fbee420bfe0925495c3b7c26bab362d1e462660ac2998f16c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857c53f37d6582d658e62e83aebe4dee7fd21471f3371968e497eff161c0040e
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
8735488fb8664ebbdb4498dbbb9f08794dcf70c11d82a406d4feb20d56a7aaf4
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630
967b53818317f72baeeabdcd4f4142cf946fc738fa7b493483dc5e494c819f15
968c7a08c066b33c989569fb817d4f6ababcf720f546f4e1c35ff14fc40981d2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9d90d8258602548bcdbbe3d660e017ee63403bad5559f046e765f39c3fc20a03
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08f235f8d846d2d6f5455b94acb77aec9368b42987f9c72d9a0bad03b6ff8bf
a0a6ee977baf4be8265817e893fe3f849defd615298d626c7aa35bfd93f76cb6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a39346e807b5eee270ff07047bd57e8f9962fb6d8b2d4e59a36e8e7a692da81b
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71611f4e21d7af30fe4f3265694a6946b49f57ae1206c9ce7ec9126e455bd04
a815dc1cc922f2e0b7c4f8b46157c2c65a42aa38757cfd85169a88a4ae9be9f8
aa2efb5ea40ddbc19a7b5cecf2410f5e34484fe7d56f413ab3718ca60cac4736
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14463d5ba2d89151d1e1c0913eae5f190f4b64703726e682d43d1ac2b97edde
b161a452760e628e5d4e19573320eff7833f5da41a399d8fe332dcf191a49afa
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b2570d4eded76dc46cf65ba2dfe2d32ec426c01e617d12772427740948b02fb7
b279229c2eb8024708a5f4748914bb9c7fefee3c2fad50e18a64ff118ad5a32e
b2b04f26edbc4e925b1fab265413e2f047d023a7caf831a82f555d7ad69aeb5c
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c106d4fd248a7f3adbabda82caa0329ae5761cea17d90b8501745e0369e178
b62cb4364fecceac51226e42b82a437dcb1939e5b030dd7ff27802f64ef7eafd
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b81c0fc346edff68a5e7eebac1ac6163f732bd2a0e071757e005d9e0fe7a60a8
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6f411711cb8cb582b42f6d68ecd641759f0739778d2423d7b40a6cafe35f9a2
c971b037378f66f07e4a7a3ee3356c7f9e177f0550dd1b6c72cbed742a9061f0
c9ac88b6f5aa138441daeeb2d381a76f3b56723b7aaeb3ebbc8b628e84117fde
c9fb4ef4005f9eeea89fc6566ea2c90c642334649e3889a012ea53d90932289f
ca38463c8d6565b7ee354a1c1eed60b93dce41db930ab618d521f17e61dee3b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb5cfb266229580366fcdafe2d58e5aba517e6a34d58abcb075d01e8e6ea1a0f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce1203ea708fb6979d9006f0149bfde6c89f08863e8e0b0a225c02bf717146ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd69588ec05b39d041d9680897be251899eb05ad7a531b3726d4c4b2bde70ed2
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e6829f7ef99a4e9f890ff3d02d733e89968f7d8e9151f59ac9e979e0c35bdd68
e8ee962b40c7092069f54d742c03a6a40817e55ad6121deb0aae97e5bb66513a
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb49b1f5aa2e72fd6975b4a0e65ffce513c6da8cfdaf94566a2751a1b8ff3ae4
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f647f8ac25634ecb113a505d3b3291e18f1fe55c5a06cfec1dcd7bcfc812fa91
fa24aff727aa417d59029a13d5e0b9c7bc16af53d408087f683baf66b304ce80
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc0fbadd0003a518363a079597843305fcab3a583fc69bb67f352c98e57b68a2