edition.cnn.com Open in urlscan Pro
151.101.195.5 Public Scan

URL: https://www.cnn.com/business

URL: https://www.cnn.com/markets
Title: Markets

URL: https://www.cnn.com/business/tech
Title: Tech

URL: https://www.cnn.com/business/media
Title: Media

URL: https://www.cnn.com/business/success
Title: Success

URL: https://www.cnn.com/business/perspectives
Title: Perspectives

URL: https://www.cnn.com/business/videos
Title: Videos

URL: https://us.cnn.com/?hpt=header_edition-picker
Title: US

URL: https://arabic.cnn.com/?hpt=header_edition-picker
Title: Arabic

URL: https://cnnespanol.cnn.com/?hpt=header_edition-picker
Title: Español

URL: https://facebook.com/cnnbusiness

URL: https://twitter.com/cnnbusiness

URL: https://instagram.com/cnnbusiness

URL: https://www.cnn.com/us
Title: US

URL: https://www.cnn.com/us/crime-and-justice
Title: Crime + Justice

URL: https://www.cnn.com/specials/us/energy-and-environment
Title: Energy + Environment

URL: https://www.cnn.com/specials/us/extreme-weather
Title: Extreme Weather

URL: https://www.cnn.com/specials/space-science
Title: Space + Science

URL: https://www.cnn.com/world
Title: World

URL: https://www.cnn.com/world/africa
Title: Africa

URL: https://www.cnn.com/world/americas
Title: Americas

URL: https://www.cnn.com/world/asia
Title: Asia

URL: https://www.cnn.com/world/australia
Title: Australia

URL: https://www.cnn.com/world/china
Title: China

URL: https://www.cnn.com/world/europe
Title: Europe

URL: https://www.cnn.com/world/india
Title: India

URL: https://www.cnn.com/world/middle-east
Title: Middle East

URL: https://www.cnn.com/world/united-kingdom
Title: United Kingdom

URL: https://www.cnn.com/politics
Title: Politics

URL: https://www.cnn.com/specials/politics/supreme-court-nine
Title: SCOTUS

URL: https://www.cnn.com/specials/politics/congress
Title: Congress

URL: https://www.cnn.com/specials/politics/fact-check-politics
Title: Facts First

URL: https://www.cnn.com/election/2020/primaries-and-caucuses
Title: 2020 Election

URL: https://www.cnn.com/opinions
Title: Opinion

URL: https://www.cnn.com/specials/opinion/opinion-politics
Title: Political Op-Eds

URL: https://www.cnn.com/specials/opinion/opinion-social-issues
Title: Social Commentary

URL: https://www.cnn.com/health
Title: Health

URL: https://www.cnn.com/interactive/life-but-better/
Title: Life, But Better

URL: https://www.cnn.com/specials/health/fitness-life-but-better
Title: Fitness

URL: https://www.cnn.com/specials/health/food-life-but-better
Title: Food

URL: https://www.cnn.com/specials/health/sleep-life-but-better
Title: Sleep

URL: https://www.cnn.com/specials/health/mindfulness-life-but-better
Title: Mindfulness

URL: https://www.cnn.com/specials/health/relationships-life-but-better
Title: Relationships

URL: https://www.cnn.com/entertainment
Title: Entertainment

URL: https://www.cnn.com/entertainment/movies
Title: Movies

URL: https://www.cnn.com/entertainment/tv-shows
Title: Television

URL: https://www.cnn.com/entertainment/celebrities
Title: Celebrity

URL: https://www.cnn.com/specials/tech/innovate
Title: Innovate

URL: https://www.cnn.com/specials/tech/gadget
Title: Gadget

URL: https://www.cnn.com/specials/tech/foreseeable-future
Title: Foreseeable Future

URL: https://www.cnn.com/specials/tech/mission-ahead
Title: Mission: Ahead

URL: https://www.cnn.com/specials/tech/upstarts
Title: Upstarts

URL: https://www.cnn.com/specials/tech/work-transformed
Title: Work Transformed

URL: https://www.cnn.com/specials/tech/innovative-cities
Title: Innovative Cities

URL: https://www.cnn.com/style
Title: Style

URL: https://www.cnn.com/style/arts
Title: Arts

URL: https://www.cnn.com/style/design
Title: Design

URL: https://www.cnn.com/style/fashion
Title: Fashion

URL: https://www.cnn.com/style/architecture
Title: Architecture

URL: https://www.cnn.com/style/luxury
Title: Luxury

URL: https://www.cnn.com/style/beauty
Title: Beauty

URL: https://www.cnn.com/style/videos
Title: Video

URL: https://www.cnn.com/travel
Title: Travel

URL: https://www.cnn.com/travel/destinations
Title: Destinations

URL: https://www.cnn.com/travel/food-and-drink
Title: Food & Drink

URL: https://www.cnn.com/travel/stay
Title: Stay

URL: https://www.cnn.com/travel/videos
Title: Videos

URL: https://www.cnn.com/sports
Title: Sports

URL: https://bleacherreport.com/nfl
Title: Pro Football

URL: https://bleacherreport.com/college-football
Title: College Football

URL: https://bleacherreport.com/nba
Title: Basketball

URL: https://bleacherreport.com/mlb
Title: Baseball

URL: https://bleacherreport.com/world-football
Title: Soccer

URL: https://www.cnn.com/sport/olympics
Title: Olympics

URL: https://bleacherreport.com/nhl
Title: Hockey

URL: https://www.cnn.com/videos
Title: Videos

URL: https://www.cnn.com/live-tv
Title: Live TV

URL: https://www.cnn.com/specials/digital-studios
Title: Digital Studios

URL: https://www.cnn.com/specials/videos/digital-shorts
Title: CNN Films

URL: https://www.cnn.com/specials/videos/hln
Title: HLN

URL: https://www.cnn.com/tv/schedule/cnn
Title: TV Schedule

URL: https://www.cnn.com/specials/tv/all-shows
Title: TV Shows A-Z

URL: https://www.cnn.com/vr
Title: CNNVR

URL: https://www.cnn.com/cnn-underscored
Title: CNN Underscored

URL: https://www.cnn.com/cnn-underscored/electronics
Title: Electronics

URL: https://www.cnn.com/cnn-underscored/fashion
Title: Fashion

URL: https://www.cnn.com/cnn-underscored/beauty
Title: Beauty

URL: https://www.cnn.com/cnn-underscored/health-fitness
Title: Health & Fitness

URL: https://www.cnn.com/cnn-underscored/home
Title: Home

URL: https://www.cnn.com/cnn-underscored/reviews
Title: Reviews

URL: https://www.cnn.com/cnn-underscored/deals
Title: Deals

URL: https://www.cnn.com/cnn-underscored/money
Title: Money

URL: https://www.cnn.com/cnn-underscored/gifts
Title: Gifts

URL: https://www.cnn.com/cnn-underscored/travel
Title: Travel

URL: https://www.cnn.com/cnn-underscored/outdoors
Title: Outdoors

URL: https://www.cnn.com/cnn-underscored/pets
Title: Pets

URL: https://store.cnn.com/?utm_source=cnn.com&utm_medium=referral&utm_campaign=navbar
Title: CNN Store

URL: https://coupons.cnn.com/
Title: Coupons

URL: https://www.cnn.com/more
Title: More

URL: https://www.cnn.com/specials/photos
Title: Photos

URL: https://www.cnn.com/specials/cnn-longform
Title: Longform

URL: https://www.cnn.com/specials/cnn-investigates
Title: Investigations

URL: https://www.cnn.com/specials/profiles
Title: CNN Profiles

URL: https://www.cnn.com/specials/more/cnn-leadership
Title: CNN Leadership

URL: https://www.cnn.com/email/subscription
Title: CNN Newsletters

URL: https://www.turnerjobs.com/search-jobs?orgIds=1174&ac=19299
Title: Work for CNN

URL: http://www.cnn.com/
Title: CNN

URL: http://www.cnn.com/business/
Title: CNN Business

URL: https://money.cnn.com/quote/quote.html?symb=JPM&source=story_quote_link
Title: (JPM)

URL: https://www.cnn.com/2022/11/25/business/epstein-accusers-sue-jp-morgan-deutsche-bank-alleged-sex-trafficking/index.html
Title: filed civil lawsuits against JPMorgan

URL: https://www.dianomi.com/whats-this/?utm_source=pub.CNN%20Business%20%28International%29&utm_medium=smartad_sponsor_link

URL: https://www.cnn.com/specials/politics/joe-biden-news
Title: The Biden Presidency

URL: https://www.cnn.com/election/2020/results/president
Title: US Elections

URL: https://www.cnn.com/travel/news
Title: News

URL: https://www.cnn.com/audio
Title: Audio

URL: https://www.cnn.com/weather
Title: Weather

URL: https://www.cnn.com/specials/world/cnn-climate
Title: Climate

URL: https://www.cnn.com/interactive/storm-tracker/
Title: Storm Tracker

URL: https://www.cnn.com/interactive/2020/weather/wildfire-and-air-quality-tracker/
Title: Wildfire Tracker

URL: https://www.cnn.com/specials/weather/weather-video
Title: Video

URL: https://youtube.com/user/CNN

URL: https://www.cnn.com/terms
Title: Terms of Use

URL: https://www.cnn.com/privacy
Title: Privacy Policy

URL: https://warnermediaprivacy.com/policycenter/b2c/WMNS
Title: Ad Choices

URL: https://www.cnn.com/accessibility
Title: Accessibility & CC

URL: https://www.cnn.com/about
Title: About

URL: https://www.cnn.com/newsletters
Title: Newsletters

URL: https://www.cnn.com/transcripts
Title: Transcripts

URL: https://www.warnermediaprivacy.com/policycenter/b2c/WM/
Title: https://www.warnermediaprivacy.com/policycenter/b2c/WM/

URL: https://www.onetrust.com/products/cookie-consent/

a23-52-112-145.deploy.static.akamaitechnologies.com

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://ads.stickyadstv.com/user-matching?id=185&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=b23fc5eda5eafd49a0441a3ca7e380b9&_fw_gdpr=0&_fw_gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 106

https://warnermediagroup-com.videoplayerhub.com/galleryloader.js HTTP 301
https://btloader.com/tag?h=warnermediagroup-com&upapi=true

Request Chain 107

https://sync.search.spotxchange.com/audience_id HTTP 302
https://sync.search.spotxchange.com/audience_id?__user_check__=1

Request Chain 108

https://ib.adnxs.com/getuid?https://umto.cnn.com/user-sync?zwmc=$UID&domain=cnn.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fzwmc%3D%24UID%26domain%3Dcnn.com HTTP 302
https://umto.cnn.com/user-sync?zwmc=8906080515655609534&domain=cnn.com

Request Chain 110

https://image8.pubmatic.com/AdServer/ImgSync?p=160262&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160262%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26%26pr%3Dhttps%253A%252F%252Fumto.cnn.com%252Fuser-sync%253Fdomain%253Dcnn.com%2526kfyn%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160262&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160262%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26%26pr%3Dhttps%253A%252F%252Fumto.cnn.com%252Fuser-sync%253Fdomain%253Dcnn.com%2526kfyn%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAyNzkyNjktMDczOS00NjI1LTkzOTYtOTZFNjI3ODc0RkVG&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAyNzkyNjktMDczOS00NjI1LTkzOTYtOTZFNjI3ODc0RkVG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160262&mpc=4&fp=1&pmc=1&&pr=https%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fdomain%3Dcnn.com%26kfyn%3D80279269-0739-4625-9396-96E627874FEF HTTP 302
https://umto.cnn.com/user-sync?domain=cnn.com&kfyn=80279269-0739-4625-9396-96E627874FEF

Request Chain 111

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=cnn HTTP 302
https://umto.cnn.com/user-sync?ifyr=LCFILS5L-1Z-JUDL&domain=cnn.com

Request Chain 112

https://eq97f.publishers.tremorhub.com/pubsync?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com HTTP 302
https://eq97f.publishers.tremorhub.com/pubsync/verify?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com HTTP 302
https://umto.cnn.com/user-sync?goiz=f96f10d372ed4a66a5c91cca9e63830c&domain=cnn.com

Request Chain 182

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Request Chain 184

https://idsync.rlcdn.com/425276.gif?partner_uid=fdf5525eb1171db0254a1c60efa7bb24 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIGZkZjU1MjVlYjExNzFkYjAyNTRhMWM2MGVmYTdiYjI0EAAaDQiD-M2dBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=363d3e65a44d7940eac3f19bcb900be1e2707000be92f187b890756a2fe7cfd2791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzNjNkM2U2NWE0NGQ3OTQwZWFjM2YxOWJjYjkwMGJlMWUyNzA3MDAwYmU5MmYxODdiODkwNzU2YTJmZTdjZmQyNzkxNDI2YjU0MTdkY2UyMRAAGgwIhfjNnQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzNjNkM2U2NWE0NGQ3OTQwZWFjM2YxOWJjYjkwMGJlMWUyNzA3MDAwYmU5MmYxODdiODkwNzU2YTJmZTdjZmQyNzkxNDI2YjU0MTdkY2UyMRAAGgwIhfjNnQYSBAgCEABCAEoA&google_gid=CAESELBwaou6aS_CchIHJwEqCe0&google_cver=1 HTTP 307
https://pippio.com/api/sync/liveramp.com

Request Chain 185

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Request Chain 186

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Request Chain 187

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Request Chain 189

https://idsync.rlcdn.com/425276.gif?partner_uid=4a9c879306eb72b03c42b9587382efe7 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=fe6b8b55-8a85-4be3-8cbe-2e5b3178c732

Request Chain 190

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Request Chain 191

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Request Chain 193

https://idsync.rlcdn.com/425276.gif?partner_uid=7a484648117a4395a84edd714d85b85d HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIhPjNnQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIhPjNnQYSBAgCEABCAEoA&google_error=3 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=dd154850-7b6e-4045-90c5-3e46181c389d

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UFM2dW9GcGU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UFM2dW9GcGU&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEBCX1t-HhxzBcEjx5IpM6xI&google_cver=1

Request Chain 198

https://usermatch.krxd.net/um/v2?partner=spotx HTTP 302
https://sync.search.spotxchange.com/audience_sync/9?uid=PS6uoFpe

Request Chain 199

https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dfreewheel%26partner_uid%3D%23%7Buser.id%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=w82c8_7184222182913424031

Request Chain 200

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PS6uoFpe HTTP 302
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PS6uoFpe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlF3UFpPaGRWanlCTUI3VFlEcmFtSHhtM1p4elFXYVc3WWF3X3hPSkJ4VWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEBSfsPvANyo5fWMKIjaWNo0&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
https://ps.eyeota.net/match?uid=8906080515655609534&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
https://ps.eyeota.net/match?bid=9sn4omv&uid=c7Dw6d8D1Pcvwq5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=8148565974731273334&newuser=1&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=7625981f-53e3-4e76-986a-4c6debaf17a1&bid=1e2n4ou

Request Chain 201

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8906080515655609534

Request Chain 205

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=PS6uoFpe

Request Chain 206

https://sync.1rx.io/usersync/krux/PS6uoFpe?dspret=1 HTTP 302
https://sync.1rx.io/usersync/krux/PS6uoFpe?zcc=1&cb=1672707076774 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8552f0b-08e4-44ca-8aed-38a4655f0607-004

Request Chain 208

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PS6uoFpe HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PS6uoFpe

Request Chain 210

https://sync.im-apps.net/imid/redirect?cid=1000751&tid=sfid HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=intimatemerger&partner_uid=uZODeAiVQFWUgLSPY9ZR0w

Request Chain 211

https://usermatch.krxd.net/um/v2?partner=adara HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=PS6uoFpe HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=291280564&t=s&p=2818&uid=PS6uoFpe

Request Chain 213

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Request Chain 225

https://ml314.com/csync.ashx?fp=PS6uoFpe&person_id=3632613727204802565&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3632613727204802565 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3632613727204802565

Request Chain 255

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LCFILS5L-1Z-JUDL HTTP 302
https://data.dianomi.com/frontend/rubicon?uid=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---

Request Chain 256

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/zn-RakqxAhef_3VnVzBkwcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Gv28v_lE2oLqVkGqPI9LTfOhHV60j1w6LgM7rw--~A

Request Chain 257

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G1l5OTxMQ2eX7TBESLw0Tw&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G1l5OTxMQ2eX7TBESLw0Tw&gdpr=0

Request Chain 258

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=&expires=30

Request Chain 259

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENGSUxTNUwtMVotSlVETA==&gdpr=0&us_privacy=1---

Request Chain 260

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Qg8tb5LS3y6bEkJ255Pug&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Qg8tb5LS3y6bEkJ255Pug&gdpr=0

Request Chain 261

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---

Request Chain 262

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU0ODJiZDMwNzc0ODgzM2NkNTg3NDk3MTIzYmYwOWRhMWY2Yzc4Mw&gdpr=0&us_privacy=1---

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAf1lFsSD7y3_nrOhLV6WxI&google_cver=1

Request Chain 280

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 285

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wUmtaWm1GRTJ1TG5aZWxIclVDWkQyX1VnTG1Ed2FKUX5B

Request Chain 286

https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3019041179730735901&gdpr=0&gdpr_consent=

Request Chain 287

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8906080515655609534&ex=appnexus.com

Request Chain 288

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3629917585617201438583

Request Chain 304

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LCFILS5L-1Z-JUDL HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LCFILS5L-1Z-JUDL&ex=d-rubiconproject.com&status=ok&us_privacy=1---

Request Chain 308

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Request Chain 309

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

Request Chain 310

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=52568843-4de7-4d69-9795-722ca16236cc&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

Request Chain 311

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

Request Chain 313

https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=249a4043-65e7-4138-8f35-ca7387c320e6&gdpr=&gdpr_pd=&gdpr_consent=

Request Chain 314

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
https://ads.yieldmo.com/v000/sync?userid=8906080515655609534&pn_id=an

Request Chain 316

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=1194c18ef1e20c2&is_secure=true&networkId=42851&version=1 HTTP 302
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJlSxTVoG0YQNcYpYDAAAAAAA&expiration=1672793479&is_secure=true

Request Chain 317

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3958891285216491490

Request Chain 321

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7N8BqwQYUMeBHmgYSYOGAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED2h6SbMylSJx2PULgeiY-M&google_cver=1

Request Chain 322

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&expiration=1675299078&gdpr=0&gdpr_consent=

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHSuwDkus-__OqFH3Dw7OE8&google_cver=1

Request Chain 327

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2c6578a1-3a61-8dff-9853d619

Request Chain 328

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2

Request Chain 335

https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=aff94688-02ef-4526-ad9d-a04002012c8a&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

Request Chain 336

https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=80279269-0739-4625-9396-96E627874FEF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kvucd8NE2uVCiFM_CFTtoeA3gkg_Vo4-~A&gdpr=0&gdpr_consent=

Request Chain 337

https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOEEwN0hadmdBQUNEclh1dzNGUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB8A07HZvgAACDrXuw3FQ&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB8A07HZvgAACDrXuw3FQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3019041179730735901&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB8A07HZvgAACDrXuw3FQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3019041179730735901%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=3019041179730735901&gdpr=0&gdpr_consent=&bee_sync_partners=shr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB8A07HZvgAACDrXuw3FQ&pid=558502&do=add&gdpr=0 HTTP 303
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB8A07HZvgAACDrXuw3FQ&gdpr=0

Request Chain 338

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=be68624c-ab8d-45c8-82ff-0a52c76f09f5&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d3d875d8-4851-4570-b0ce-32e5766f697e&ssp=sharethrough&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522308695222332015&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsharethrough%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522308695222332015&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsharethrough%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=b3d8fbd6-c14d-40ab-988c-3db2697914d2&ssp=sharethrough&gdpr_consent=&gdpr=0 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522308695222332015&ssp=sharethrough&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232733304385000534406&ssp=sharethrough&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522308695222332015&ssp=sharethrough&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d3d875d8-4851-4570-b0ce-32e5766f697e&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 339

https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7e742496-715d-42b9-4951-e5baa8a0d799$ip$173.245.209.33

Request Chain 347

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8906080515655609534

Request Chain 349

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=325a63b3-7c07-4a00-adb9-d2776229436f

Request Chain 350

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB

Request Chain 352

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7N8BwAIwMzA1wAo HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7N8BwAIwMzA1wAo&_test=Y7N8BwAIwMzA1wAo

Request Chain 353

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2

Request Chain 354

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=rxNhPhd2TIF2k8KJYh9dt6310SE

Request Chain 358

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:368f63b3-7c08-4b00-b8c3-c28c6178bba1&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3958891285216491490 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d3d875d8-4851-4570-b0ce-32e5766f697e HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d3d875d8-4851-4570-b0ce-32e5766f697e HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=834ca1e7-f8c4-4c19-967e-c7a05af922de&user_group=1&ssp=pubmatic&bsw_param=d3d875d8-4851-4570-b0ce-32e5766f697e HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3d875d8-4851-4570-b0ce-32e5766f697e&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 359

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y7N8BwAIybRK2gAF HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7N8BwAIybRK2gAF&gdpr=0&gdpr_consent=&_test=Y7N8BwAIybRK2gAF HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF HTTP 302
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gCeSaQc5RiWTlpbmJ4dP7w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 362

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=80279269-0739-4625-9396-96E627874FEF HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=80279269-0739-4625-9396-96E627874FEF HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7625981f-53e3-4e76-986a-4c6debaf17a1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%2C

Request Chain 364

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 365

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF HTTP 302
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

Request Chain 368

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF HTTP 302
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

Request Chain 375

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&us_privacy=1---&_t=1672707081079 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

Request Chain 376

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1672707081079 HTTP 302
https://sync.teads.tv/um?eid=22&uid=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

Request Chain 377

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1672707081079 HTTP 302
https://sync.teads.tv/um?fp=1&eid=80&uid=046ea6f6-1f26-4972-9006-43a5b039f964&gdpr=0&gdpr_consent=

Request Chain 378

https://pr-bh.ybp.yahoo.com/sync/teads/ddafea11-fd15-4f80-98db-516f3c1e12f6?gdpr=0&gdpr_consent=&_t=1672707081079 HTTP 302
https://sync.teads.tv/um?eid=132&uid=y-ACw_iapE2oRBlU9ajAz4cUqExiUK0oDG._4-~A

Request Chain 379

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=ddafea11-fd15-4f80-98db-516f3c1e12f6_ap_au&gdpr_consent=&us_privacy=1---&_t=1672707081079 HTTP 302
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=ddafea11-fd15-4f80-98db-516f3c1e12f6_ap_au&gdpr_consent=&us_privacy=1---&_t=1672707081079&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 384

https://sync.teads.tv/um?fp=1&eid=3&google_nid=teadstv_ab&uid=&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr_consent=&us_privacy=1---&_t=1672707081079 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

Request Chain 389

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yfcabol3t2g HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8906080515655609534 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 390

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8906080515655609534&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 391

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pGQWeaU0RHy_YkN49GFZfvZgFX-_bkMp9DUJEAvp HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 392

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 393

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rxNhPhd2TIF2k8KJYh9dt6310SE HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 395

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6tf9rMKEC5266ec2C3yzYw

Request Chain 397

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=325a63b3-7c07-4a00-adb9-d2776229436f

Request Chain 398

https://idsync.rlcdn.com/420486.gif?partner_uid=80279269-0739-4625-9396-96E627874FEF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJxyDqTd55chhQTjf5P9HV4&google_cver=1

Request Chain 399

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8148565974731273334&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 400

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f606ee6459f20c2&is_secure=true&networkId=17100&version=1&nuid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoC_CWi79IwNgjJY8AAAAAAA&expiration=1672793482&nuid=80279269-0739-4625-9396-96E627874FEF&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

412 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/ 2 MB
478 KB 335ms
100ms Document
text/html 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.5 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70ad7da56e16422aa78bebb8933e9db6b1f4c855b0e6f147e8839225b49d0795

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: https://.cnn.com: http://.cnn.com: .cnn.io: .cnn.net: .turner.com: .turner.io: .ugdturner.com: courageousstudio.com .vgtf.net:; script-src 'unsafe-eval' 'unsafe-inline' 'self' ; style-src 'unsafe-inline' 'self' blob: ; child-src 'self' blob: ; frame-src 'self' ; object-src 'self' ; img-src 'self' data: blob: ; media-src 'self' data: blob: ; font-src 'self' data: ; connect-src 'self' data: ; frame-ancestors 'self' https://.cnn.com:* http://.cnn.com https://.cnn.io:* http://.cnn.io: .turner.com: courageousstudio.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3666
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: gzip
content-length: 488286
content-security-policy: default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com;
content-type: text/html; charset=utf-8
date: Tue, 03 Jan 2023 00:51:10 GMT
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-hub: build-env=prod; unique-deployment-key=rn12135z; build-version=v3.12.0; build-commit-hash=a2e6f4353
x-content-type-options: nosniff
x-last-modified: Thu, 29 Dec 2022 12:18:33 GMT
x-served-by: cache-iad-kcgs7200140-IAD, cache-syd10156-SYD
x-timer: S1672707070.406420,VS0,VE2
x-xss-protection: 1; mode=block

GET
H2 200 cwr.js Show response
client.rum.us-east-1.amazonaws.com/1.2.1/ 113 KB
30 KB 635ms
235ms Script
text/javascript 13.33.88.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-83.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5911d117ea2edb1fd45ae8b808faf1f4797ad47cea6903af6fcf6939d652c6b7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: .4K5CfpXnO4JYWpB.0XU4z1pqhcxZqEe
content-encoding: gzip
via: 1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
date: Sun, 01 Jan 2023 01:47:28 GMT
last-modified: Thu, 17 Mar 2022 20:19:41 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 169423
etag: W/"22408e37866ef0d296d8a35f95078b0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=604800
x-amz-cf-id: kW5nrBA4NrTtbA4h4jzUag6nDIUC62x7-uXTepY19Tb7YNM10Vo8lQ==

GET
H2 200 launch-95f9268404e1.min.js Show response
lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ 270 KB
69 KB 1084ms
255ms Script
application/x-javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/launch-95f9268404e1.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f4672b369b91dc5b2d6c9836f7892c771cceeaa525f6f066a5a379a9eb5de95

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:11 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 17:15:18 GMT
server: AkamaiNetStorage
etag: "df6acc587d1788bab7f7842dbd15420a:1671038117.983135"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=504
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 03 Jan 2023 00:59:35 GMT

GET
H2 200 business-edition-adfuel.min.js Show response
edition.cnn.com/media/sites/js/bundles/ 791 KB
255 KB 118ms
117ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.5 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

40661b8bf070eed005fa31c2f9911f99944151f21bfa49a10d41fee827218acc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: https://.cnn.com: http://.cnn.com: .cnn.io: .cnn.net: .turner.com: .turner.io: .ugdturner.com: courageousstudio.com .vgtf.net:; script-src 'unsafe-eval' 'unsafe-inline' 'self' ; style-src 'unsafe-inline' 'self' blob: ; child-src 'self' blob: ; frame-src 'self' ; object-src 'self' ; img-src 'self' data: blob: ; media-src 'self' data: blob: ; font-src 'self' data: ; connect-src 'self' data: ; frame-ancestors 'self' https://.cnn.com:* http://.cnn.com https://.cnn.io:* http://.cnn.io: .turner.com: courageousstudio.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 00:51:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 516
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 260614
x-content-hub: build-env=prod; unique-deployment-key=rn12135z; build-version=v3.12.0; build-commit-hash=a2e6f4353
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100055-IAD, cache-syd10156-SYD
last-modified: Mon, 19 Dec 2022 17:54:51 GMT
x-timer: S1672707071.534324,VS0,VE2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-cache-hits: 67, 1

GET
H2 200 business-edition-adfuel-body.min.js Show response
edition.cnn.com/media/sites/js/bundles/ 327 KB
96 KB 118ms
117ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel-body.min.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.5 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2363380e7772e0b6933ce1bc2c614cdbb26cabb6b5ee3d818ac6ee785736a6d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: https://.cnn.com: http://.cnn.com: .cnn.io: .cnn.net: .turner.com: .turner.io: .ugdturner.com: courageousstudio.com .vgtf.net:; script-src 'unsafe-eval' 'unsafe-inline' 'self' ; style-src 'unsafe-inline' 'self' blob: ; child-src 'self' blob: ; frame-src 'self' ; object-src 'self' ; img-src 'self' data: blob: ; media-src 'self' data: blob: ; font-src 'self' data: ; connect-src 'self' data: ; frame-ancestors 'self' https://.cnn.com:* http://.cnn.com https://.cnn.io:* http://.cnn.io: .turner.com: courageousstudio.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 00:51:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 786
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 98360
x-content-hub: build-env=prod; unique-deployment-key=rn12135z; build-version=v3.12.0; build-commit-hash=a2e6f4353
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100024-IAD, cache-syd10156-SYD
last-modified: Mon, 19 Dec 2022 17:54:51 GMT
x-timer: S1672707071.534465,VS0,VE3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-cache-hits: 106, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 310ms
108ms Script
application/javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QpLkTroHlqrE0LequA2uwg==
age: 82029
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Wed, 21 Dec 2022 07:32:46 GMT
server: cloudflare
etag: 0x8DAE3258E5CB56A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6bd0e487-b01e-00a1-089a-15167d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea22aeba81f-SYD

GET
H2 200 zion-web-client.min.js Show response
z.cdp-dev.cnn.com/zion-web-client/3.0/ 241 KB
46 KB 398ms
98ms Script
application/javascript 151.101.1.67
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdp-dev.cnn.com/zion-web-client/3.0/zion-web-client.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.67 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cf5e7dad9ae7cd1cc9e268025c2524f2bf5ec2315166d1b06b2eac8379f9747

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: CBRwCxDeLBHpcWTiZMMbdCT2FWHcJn9B
content-encoding: gzip
via: 1.1 20f0d9cf6610f77242f5c592d2ecfd1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date: Tue, 03 Jan 2023 00:51:12 GMT
x-amz-cf-pop: IAD89-C3
age: 43
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 46071
x-served-by: cache-iad-kcgs7200029-IAD, cache-syd10135-SYD
last-modified: Wed, 30 Nov 2022 16:03:09 GMT
x-timer: S1672707073.624420,VS0,VE0
etag: W/"aa932f5e3354ef5ed2c76f4949d87c37"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 5WXUNp23Rg2FJaI8sHbWXMqOCOLgzdV5hXGQusI4V9lTRT6yE_yOYg==
x-cache-hits: 11036, 3

GET
H2 200 tag.min.js Show response
get.s-onetag.com/c15ddde9-ec7d-4a49-b8ca-7a21bc4b943b/ 36 KB
12 KB 620ms
224ms Script
text/javascript 13.33.33.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/c15ddde9-ec7d-4a49-b8ca-7a21bc4b943b/tag.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-16.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c41bb5ffeb5f7dab3f5935cdd05f98c88dfe483744df9f61f18a42dc5584fbe0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 16:46:16 GMT
content-encoding: gzip
via: 1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
x-amz-version-id: 14LTmW1BAmB84QL3vVkAPQWHgp31vFgJ
last-modified: Mon, 04 Jan 2021 13:04:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 29097
etag: W/"4d31aa6b0d6615f7e1798cf37de44c41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 7EJI_n0r7jMbplHDg2C6flVud8M7U4OboG8h7Bka1Ho4PI7gs8Busg==

GET
H2 200 js Show response
registry.api.cnn.io/bundles/fave/latest-4.x/ 227 KB
78 KB 146ms
97ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e919cb9fd20c78929a38b19d2c6b170ff846f4b977c080f42f272bc981fb0161

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:12 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: CSP7EYWCX0NX6GXC
age: 3471
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 79299
x-amz-id-2: 9G8eVXTa9xvqbo4iycIhh/6vieYEh5RQITBFEhPqbNZvBJjZLWNXog+eRnJPmmXXuMfqKdhY6KM=
x-served-by: cache-iad-kiad7000114-IAD, cache-syd10156-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707072.474236,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 747, 83

GET
H2 200 pym.v1.min.js Show response
cdn.cnn.com/cnn/.e/interactive/js/lib/vendor/pym/ 9 KB
3 KB 328ms
251ms Script
application/javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cnn.com/cnn/.e/interactive/js/lib/vendor/pym/pym.v1.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:12 GMT
content-encoding: gzip
x-amz-request-id: Y4M995B9VV7Y30C6
x-amz-server-side-encryption: AES256
content-length: 2809
x-amz-id-2: KC49Yu12ZvV3uasBQsiYENx0LvxF28NukJuhNa4iXL27AgFEfJLGV5dK4usDVVnGUAdf6NNVnF0=
last-modified: Fri, 02 Oct 2020 06:43:24 GMT
server: AmazonS3
etag: "d4257b34abdd55b0b5b4459db41c2c1c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-datastream-cache-status: 2
expires: Tue, 03 Jan 2023 01:51:12 GMT

GET
H2 200 articleprod.js Show response
cdn.optimizely.com/public/125375509/s/ 398 KB
104 KB 936ms
311ms Script
text/javascript 23.52.112.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/125375509/s/articleprod.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.112.145 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24330875cbe767527597e615b60a4c83e50e6015180a97ea99b971f5bcd79886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: DP2yxm0gxcxcpMh5_4rXJldceYFBwuXg
content-encoding: gzip
date: Tue, 03 Jan 2023 00:51:11 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: XTSSVPCKXBVG2192
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 5630
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="308";dur=0,cdnip;desc="23.52.112.145";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 105076
x-amz-id-2: 62odYV1X+xs0yBZY2+4nNAHB+Z4D9vsbQiAtkLKAXw8nL1U1li1OSLmLFhYfrHFH0mpclWtWkw0=
last-modified: Sun, 25 Dec 2022 05:00:00 GMT
server: AmazonS3
etag: "89d4ec4c60691f17100fee85f8952716"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 180511194112-barclays-ceo-staley.jpg
media.cnn.com/api/v1/images/stellar/prod/ 35 KB
35 KB 153ms
102ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/180511194112-barclays-ceo-staley.jpg?q=x_0,y_156,h_1857,w_3300,c_crop/w_850
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4f422ac888117e8f1ee97ff3efa62356eccac333f74d0a474c545dfedba2fb1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000171-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 48045
x-timer: S1672707072.478175,VS0,VE1
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 35949
x-cache-hits: 67, 1

GET
H2 200 180511194112-barclays-ceo-staley.jpg
media.cnn.com/api/v1/images/stellar/prod/ 6 KB
6 KB 153ms
101ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/180511194112-barclays-ceo-staley.jpg?q=x_0,y_156,h_1857,w_3300,c_crop/w_250
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 97c18a0e3fa8d497eb6aa335d22ba33d43689e2efb0017675ae97eace35e1101

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200052-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 37863
x-timer: S1672707072.478194,VS0,VE1
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 5972
x-cache-hits: 36, 1

GET
H2 200 221222220453-bill-gates.jpg
media.cnn.com/api/v1/images/stellar/prod/ 5 KB
5 KB 150ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221222220453-bill-gates.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 082a0f082bbe92caad599e7b55014be8310583dbd072e35e3863ee065ec2e2e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200058-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 35161
x-timer: S1672707072.477689,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 4692
x-cache-hits: 496, 16

GET
H2 200 221222182538-foreman-dnt-ai.jpg
media.cnn.com/api/v1/images/stellar/prod/ 6 KB
6 KB 151ms
100ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221222182538-foreman-dnt-ai.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: df14ee246867197fcd4e0986f8736e7dc3bd2c2715588b274b0cfb87b2532912

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000140-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 28206
x-timer: S1672707072.478206,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 6312
x-cache-hits: 595, 2

GET
H2 200 221216125849-california-fast-food-council.jpg
media.cnn.com/api/v1/images/stellar/prod/ 10 KB
10 KB 151ms
100ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221216125849-california-fast-food-council.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d08e7694961efae5e658ed65ec256939f6eae39fc3e2a12879f47757d7346f44

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000157-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 60027
x-timer: S1672707072.478157,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 10456
x-cache-hits: 613, 17

GET
H2 200 221215130953-apple-airtag-lauren-hughes-stalking.jpg
media.cnn.com/api/v1/images/stellar/prod/ 8 KB
8 KB 117ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221215130953-apple-airtag-lauren-hughes-stalking.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a6d0aff50e1046976839da7db1e2526649d500b1ce6e335d98288d90ca2f0ba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200039-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 48059
x-timer: S1672707072.478137,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 7827
x-cache-hits: 531, 17

GET
H2 200 221215080848-david-schnitzler-yurkevich-pkg1.jpg
media.cnn.com/api/v1/images/stellar/prod/ 8 KB
8 KB 99ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221215080848-david-schnitzler-yurkevich-pkg1.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8ed3f70f448996308c2650db03d9b516992c76d0d636f2f4f69d358d89afec44

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100037-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 59266
x-timer: S1672707073.580731,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 7731
x-cache-hits: 502, 23

GET
H2 200 221214212247-elon-musk-jack-sweeney-split.jpg
media.cnn.com/api/v1/images/stellar/prod/ 7 KB
7 KB 101ms
101ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221214212247-elon-musk-jack-sweeney-split.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0d79dafe3b0f1612eaf9605954a58cbaad03b6f222b7a2566569d9bc333b05b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000111-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 36415
x-timer: S1672707073.581297,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 7313
x-cache-hits: 533, 17

GET
H2 200 220520163214-us-homes-for-sale-0314.jpg
media.cnn.com/api/v1/images/stellar/prod/ 8 KB
9 KB 102ms
101ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/220520163214-us-homes-for-sale-0314.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91e35a9aa6f9792a9ed69c0bc3ce17e56091a0ed9999fc828f79d879557da753

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100113-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 47067
x-timer: S1672707073.581279,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 8682
x-cache-hits: 573, 14

GET
H2 200 221213152458-sam-bankman-fried-leaves-courthouse.jpg
media.cnn.com/api/v1/images/stellar/prod/ 9 KB
10 KB 100ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221213152458-sam-bankman-fried-leaves-courthouse.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee2602588ae0dc5410551708f84f9817e67fa674179249bebbdee773ff48edc5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100104-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 53378
x-timer: S1672707073.581246,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 9720
x-cache-hits: 502, 21

GET
H2 200 221212074936-elon-musk-cameo-dave-chappelle-san-francisco-show.jpg
media.cnn.com/api/v1/images/stellar/prod/ 6 KB
6 KB 100ms
100ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221212074936-elon-musk-cameo-dave-chappelle-san-francisco-show.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e587200ec18c662b5ce87c3cf1e93ee392e692b225758a034efdb338540fab4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100121-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 41287
x-timer: S1672707073.581224,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 5881
x-cache-hits: 533, 18

GET
H2 200 221205130149-nasa-artemis-orion-earth-moon-1128.jpg
media.cnn.com/api/v1/images/stellar/prod/ 4 KB
4 KB 99ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221205130149-nasa-artemis-orion-earth-moon-1128.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: adecb307e3a2643f2b11f8622033c9382bd1eff92e1e905daf5c9add928cad7b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000131-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 77892
x-timer: S1672707073.581215,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 4366
x-cache-hits: 657, 22

GET
H2 200 221207141127-jamie-dimon.jpg
media.cnn.com/api/v1/images/stellar/prod/ 6 KB
7 KB 100ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221207141127-jamie-dimon.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 114f9fd177e198bced51950679b25b2ed28520180e3d79f94e5fc327f7540129

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200063-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 31551
x-timer: S1672707073.684130,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 6547
x-cache-hits: 462, 18

GET
H2 200 221207133141-barbara-corcora-rent-thumb.jpg
media.cnn.com/api/v1/images/stellar/prod/ 14 KB
14 KB 99ms
97ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221207133141-barbara-corcora-rent-thumb.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3ba95e6c6b427b70cde4b42bb18c16264c36df653dd3da93d023d4b1846c7390

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000021-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 21221
x-timer: S1672707073.684111,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 14109
x-cache-hits: 474, 14

GET
H2 200 221110145036-01-planet-fitness-gym-file.jpg
media.cnn.com/api/v1/images/stellar/prod/ 10 KB
10 KB 101ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221110145036-01-planet-fitness-gym-file.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: acf5afb42e8d7ca0cdbb00dd3f3ad8720d3d26753a8d51ec8bc5889f14971570

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100054-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 38887
x-timer: S1672707073.684348,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 10327
x-cache-hits: 556, 12

GET
H2 200 221205140804-ifeoma-ozoma-risk-takers-laptop.jpg
media.cnn.com/api/v1/images/stellar/prod/ 7 KB
7 KB 100ms
100ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221205140804-ifeoma-ozoma-risk-takers-laptop.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8bf5030c6728777f266fc36c9ddf5309d81cb16ec57a0c20de2415571cce4d59

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100160-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 45056
x-timer: S1672707073.684315,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 7087
x-cache-hits: 525, 17

GET
H2 200 220217121832-01-elon-musk-0210.jpg
media.cnn.com/api/v1/images/stellar/prod/ 2 KB
3 KB 98ms
97ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/220217121832-01-elon-musk-0210.jpg?c=16x9&q=w_250,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1df0bf2a55641e942756f7a39483ebabb0e2dce235d072a44dbf8987d9247cb4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100053-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 39544
x-timer: S1672707073.754660,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 2541
x-cache-hits: 468, 18

GET
H2 200 230102141825-donald-trump-1231.jpg
media.cnn.com/api/v1/images/stellar/prod/ 5 KB
5 KB 98ms
97ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/230102141825-donald-trump-1231.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a7ab18e80b008a6dfc908e6e91076d15a0bef611632ac38f68a00c7b7373a0c0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000051-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 8626
x-timer: S1672707073.598201,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 5100
x-cache-hits: 47, 2

GET
H2 200 220906151952-tesla-interior-file.jpg
media.cnn.com/api/v1/images/stellar/prod/ 11 KB
11 KB 98ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/220906151952-tesla-interior-file.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 038a641740492d709f2f688acee289e9e28aded12e8162fc748958d00417f157

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100138-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 24593
x-timer: S1672707073.598343,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 11141
x-cache-hits: 66, 2

GET
H2 200 221227093826-george-santos.jpg
media.cnn.com/api/v1/images/stellar/prod/ 7 KB
7 KB 98ms
97ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221227093826-george-santos.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b19251b4b010fec065c1e42c7627db8af57bc38d540d834f3e491dd293d3a844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000098-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 52810
x-timer: S1672707073.786317,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 7051
x-cache-hits: 582, 31

GET
H2 200 190821151537-10-barbara-walters-lead-image.jpg
media.cnn.com/api/v1/images/stellar/prod/ 5 KB
6 KB 99ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/190821151537-10-barbara-walters-lead-image.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb48d62ca56806fe555b0ed20ade32a349dbd3ebf7abbcac790f2ffe546e6684

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200137-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 27470
x-timer: S1672707073.786565,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 5546
x-cache-hits: 448, 30

GET
H2 200 221219164230-20-tiktok-stock.jpg
media.cnn.com/api/v1/images/stellar/prod/ 8 KB
8 KB 99ms
98ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221219164230-20-tiktok-stock.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3148794f69580dc23ff7c27115ad8fb3ff286f19f3a29410e745faa7184078ba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100091-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 36164
x-timer: S1672707073.786532,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 8238
x-cache-hits: 460, 32

GET
H2 200 221229142110-passenger-luggage-reunion.jpg
media.cnn.com/api/v1/images/stellar/prod/ 13 KB
13 KB 100ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/221229142110-passenger-luggage-reunion.jpg?c=16x9&q=h_144,w_256,c_fill
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7d3cc5a83e01133a36f653b0b7b9f960d7a1ffd38ea92f1fc35f9f3581bf16ff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000090-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 18371
x-timer: S1672707073.786809,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 13250
x-cache-hits: 40, 27

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 14 KB
2 KB 314ms
113ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3540
x-jsd-version: 1.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-cdg20766-CDG
x-jsd-version-type: version
server: cloudflare
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEbznR%2BIAENMcISl69oAxz1%2BBuAVYedOmixGF2KxxvVT%2BZ1XuKboi8V3BGq9NtF6MgryWldupwET2VBpTlyhtWYxQ8JhvtAD1nw5azCQcrMs27g3GQrMhj0J9UhAXMeN6I4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7837be9b5809a880-SYD

GET
H2 200 EX6bb9e0ba01b74387b149c56e7fda2fe0-libraryCode_source.min.js Show response
lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/ 33 KB
12 KB 268ms
266ms Script
application/x-javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/EX6bb9e0ba01b74387b149c56e7fda2fe0-libraryCode_source.min.js
Requested by: Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/launch-95f9268404e1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cc6b01835e8d367b82e2199d93bf042885b36f653d6abb865a3a2fb2c4ecf955

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:12 GMT
content-encoding: gzip
content-length: 12172
last-modified: Wed, 14 Dec 2022 17:15:16 GMT
server: AkamaiNetStorage
etag: "a49a88d2a53aacfa64d973b322d79bf0:1671038116.816385"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=267
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 03 Jan 2023 00:55:39 GMT

GET
H/1.1 200
OK geo4.js Show response
cdn3.optimizely.com/js/ 309 B
791 B 900ms
268ms Script
application/javascript 23.9.179.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/125375509/s/articleprod.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.9.179.6 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-179-6.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: eb6a7264cfc7fdf39635e403d17c8593071e523bb3268ec8ba151f657d7ee9c6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date: Tue, 03 Jan 2023 00:51:13 GMT
Server: AmazonS3
x-amz-request-id: RTFN7TVC3P64GHW3
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
Content-Type: application/javascript
Cache-Control: max-age=39299
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 309
x-amz-id-2: 9QtrLMX/KQB7DThg/P4Wrng7r7/9zSgrm7FDXuMuo/RTKdX/G+KZ3TeNqmIDXBHh8yYjSJFpTlI=

GET
DATA 200
OK truncated
/ 57 KB
57 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad349cc5c635fbf821147c00c55093061abb7fee8318587ca218bcde06898f5

Request headers

Referer
Origin: https://edition.cnn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 a125375509.html Show response
a125375509.cdn.optimizely.com/client_storage/ Frame C27B 2 KB
1 KB 864ms
282ms Document
text/html 23.9.177.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a125375509.cdn.optimizely.com/client_storage/a125375509.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/125375509/s/articleprod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.177.173 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-177-173.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

76fae0bd28c9d3e5c0b515748309ac22fc66c180dfe323432b80fbf18401d683

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 806
content-type: text/html; charset=utf-8
date: Tue, 03 Jan 2023 00:51:13 GMT
etag: "86753515c3c411e36f90a02dc31ad5fe"
last-modified: Sun, 25 Dec 2022 05:05:23 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="269";dur=0,cdnip;desc="23.9.177.173";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: TldTBq9nwK+e6NNRpXqUGNZejlXNB8P5f+vV8tvHnUujDSqgmCxh9T5ly/QxYGBt7m2/yvlj9aE=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: WTQS0WSWEN0JCBVG
x-amz-server-side-encryption: AES256
x-amz-version-id: 2a.XrxMw0V.jwPHcOfDDQuDBdV_LCb08

GET
H2 200 sync Show response
live.rezync.com/ 739 B
1 KB 1354ms
533ms Script
application/javascript 18.155.153.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=34747f0775f02a6784bb965de6833e73&k=cnn-pixel-8786&zmpID=cnn&custom1=article_34813AEB-28B3-C3B8-F62B-5D9BFD435525&custom2=article&custom3=business&cache_buster=1672707072510
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-34.ham50.r.cloudfront.net
Software: lighttpd/1.4.59 /
Resource Hash: 620eaa20f6ce3c29a105728bff03737793ca58fe99ec3bcfdb8c33bd39d3e257

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
via: 1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: HAM50-P2
vary: Cookie
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 739
x-amz-cf-id: xqJNwYmXx19rioTWr_y5Od2_M90zk5dyiifsy4qaNc2ohS0emS_aZw==

GET
H3 200 alerts Show response
edition.cnn.com/public/api/ 13 B
1 KB 108ms
107ms Fetch
application/json 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://edition.cnn.com/public/api/alerts

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.195.5 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f43c62200c7815091a6fe618461fbcb6ffd38e0f8ff7aaa9ee863ab0f5d47092

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: https://.cnn.com: http://.cnn.com: .cnn.io: .cnn.net: .turner.com: .turner.io: .ugdturner.com: courageousstudio.com .vgtf.net:; script-src 'unsafe-eval' 'unsafe-inline' 'self' ; style-src 'unsafe-inline' 'self' blob: ; child-src 'self' blob: ; frame-src 'self' ; object-src 'self' ; img-src 'self' data: blob: ; media-src 'self' data: blob: ; font-src 'self' data: ; connect-src 'self' data: ; frame-ancestors 'self' https://.cnn.com:* http://.cnn.com https://.cnn.io:* http://.cnn.io: .turner.com: courageousstudio.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 00:51:12 GMT
age: 39
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13
x-content-hub: build-env=prod; unique-deployment-key=rn12154r; build-version=v3.12.0; build-commit-hash=a2e6f4353
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100092-IAD, cache-syd10180-SYD
surrogate-keys: YWxlcnRzL2xhbWJkYS1hbGVydA== v3.12.0
x-timer: S1672707073.563088,VS0,VE1
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-cache-hits: 15, 11

GET
H2 200 current Show response
production.dataviz.cnn.io/index/fearandgreed/ 236 B
587 B 1046ms
352ms Fetch
application/json 65.8.11.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.dataviz.cnn.io/index/fearandgreed/current
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.11.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-11-129.kul50.r.cloudfront.net
Software: uvicorn /
Resource Hash: 2d9b902e90fce9ec57f1e4adc6560e8bb2bb7d5bf327699c02082d0d255b008b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
via: 1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: KUL50-C2
age: 4
etag: W/7758909911046752225
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-api-cache: Hit
cache-control: max-age=5
content-length: 236
x-amz-cf-id: hWx8H0DRjppyhEtpX_J8__0i-PD1GtjAaJrj9fLfIfsIVK6QTOKcCA==
expires: Tue, 03 Jan 2023 00:51:14 GMT

GET
H2 200 2023-01-03 Show response
production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/ 2 KB
875 B 996ms
306ms Fetch
application/json 65.8.11.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/2023-01-03
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.11.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-11-129.kul50.r.cloudfront.net
Software: uvicorn /
Resource Hash: 076cca9d50fa9aa02b5302178344f7b0316e5c7ccbaaa03769d0856cfe5d2649

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:10 GMT
content-encoding: gzip
via: 1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: KUL50-C2
age: 3
etag: W/-6100010198451334376
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-api-cache: Hit
cache-control: max-age=5
x-amz-cf-id: 0i3AoiKpQhBxtORnA6QkPj45sUcogvskYl6TWmkp0S4K5d0E1mYX4Q==
expires: Tue, 03 Jan 2023 00:51:15 GMT

GET
H3 200 video-placeholder.svg
edition.cnn.com/media/sites/cnn/ 1 KB
2 KB 99ms
98ms Image
image/svg+xml 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edition.cnn.com/media/sites/cnn/video-placeholder.svg

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.195.5 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

149f8752f35155dca87362377145dc3ade1bd4e3051c9a59132fbc35bf463798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: https://.cnn.com: http://.cnn.com: .cnn.io: .cnn.net: .turner.com: .turner.io: .ugdturner.com: courageousstudio.com .vgtf.net:; script-src 'unsafe-eval' 'unsafe-inline' 'self' ; style-src 'unsafe-inline' 'self' blob: ; child-src 'self' blob: ; frame-src 'self' ; object-src 'self' ; img-src 'self' data: blob: ; media-src 'self' data: blob: ; font-src 'self' data: ; connect-src 'self' data: ; frame-ancestors 'self' https://.cnn.com:* http://.cnn.com https://.cnn.io:* http://.cnn.io: .turner.com: courageousstudio.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: https://*.cnn.com:* http://*.cnn.com:* *.cnn.io:* *.cnn.net:* *.turner.com:* *.turner.io:* *.ugdturner.com:* courageousstudio.com *.vgtf.net:*; script-src 'unsafe-eval' 'unsafe-inline' 'self' *; style-src 'unsafe-inline' 'self' blob: *; child-src 'self' blob: *; frame-src 'self' *; object-src 'self' *; img-src 'self' data: blob: *; media-src 'self' data: blob: *; font-src 'self' data: *; connect-src 'self' data: *; frame-ancestors 'self' https://*.cnn.com:* http://*.cnn.com https://*.cnn.io:* http://*.cnn.io:* *.turner.com:* courageousstudio.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 00:51:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 3976
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 696
x-content-hub: build-env=prod; unique-deployment-key=rn12135z; build-version=v3.12.0; build-commit-hash=a2e6f4353
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200026-IAD, cache-syd10180-SYD
last-modified: Mon, 19 Dec 2022 17:45:58 GMT
x-timer: S1672707073.574993,VS0,VE1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-cache-hits: 621, 25

GET
DATA 200
OK truncated
/ 389 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e82ce01a588ff0a5a4a5070c2a14f4d062f4428b50738a2cfa538672b063158

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74baf67d61eba75cb4edcddd19ee17c33b00e78cc739de71a2a87de4f98bb638

Request headers

Referer
Origin: https://edition.cnn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb7315f0f3ee9225fb42a2b3131de748dca09c48cba19379f6da3fa1aebe8103

Request headers

Referer
Origin: https://edition.cnn.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 72 KB
22 KB 324ms
118ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0d664958b948476a205de47a2721876abb1411668bbe42e58ef541a9e34f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:12 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 15
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 08 Dec 2022 16:53:55 GMT
server: cloudflare
etag: W/"12169-5ef53e1edd3b7"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837bea58c566a45-SYD
expires: Tue, 03 Jan 2023 00:53:12 GMT

GET
H2 200 3d9a6f21-8e47-43f8-8d58-d86150f3e92b.json Show response
cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/ 4 KB
2 KB 306ms
108ms XHR
application/x-javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/3d9a6f21-8e47-43f8-8d58-d86150f3e92b.json

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a61d376fc4c4ad444376121a403e0281e2885d4e0b70ff199ff0d55f19933fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: i/dyf6jtRoFx3EBesx2zyw==
age: 16303
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1694
x-ms-lease-status: unlocked
last-modified: Wed, 14 Dec 2022 20:17:54 GMT
server: cloudflare
etag: 0x8DADE104860A6EF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8731f972-e01e-00f6-14f9-0ffff0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea5b8dea94f-SYD
expires: Wed, 04 Jan 2023 00:51:12 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 216 B
1019 B 1326ms
266ms XHR
application/json 52.88.128.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=7FF852E2556756057F000101%40AdobeOrg&d_nsid=0&ts=1672707072699

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-128-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

af31b672fd4d401966bf3365286944ac2e28dbc11bc3f96571ca6f6fe63aa65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v041-0e3ad0b9d.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: pYPsYcayRMc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://edition.cnn.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 207
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 RC7977cbd3c2fb4c0889e0ad588d1a249e-source.min.js Show response
lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/ 668 B
977 B 247ms
247ms Script
application/x-javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/RC7977cbd3c2fb4c0889e0ad588d1a249e-source.min.js
Requested by: Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/launch-95f9268404e1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 886512eb5fb8a6b519c511a9bbdcd692f5012dcfec9998b8e9ff5c357cf9f71a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:12 GMT
last-modified: Wed, 14 Dec 2022 17:15:17 GMT
server: AkamaiNetStorage
etag: "fd613ca56154427dbc9e249cdf453e49:1671038117.117135"
access-control-max-age: 86400
access-control-allow-methods: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=353
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 668
expires: Tue, 03 Jan 2023 00:57:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 579ms
193ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel-body.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a0706ba8f0df89052730cc06f1f579cad19806f54079b72f8a9237ccf219c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27665
x-xss-protection: 0
server: sffe
etag: "1440 / 576 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Jan 2023 00:51:13 GMT

GET
H2 200 zfh-3.js Show response
z.cdp-dev.cnn.com/zfm/ 5 KB
1 KB 98ms
98ms Script
application/javascript 151.101.1.67
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdp-dev.cnn.com/zfm/zfh-3.js
Requested by: Host: z.cdp-dev.cnn.com
URL: https://z.cdp-dev.cnn.com/zion-web-client/3.0/zion-web-client.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.67 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84841ae2d4dd04ff59ce302baa5421b478dc2f26d092ffb3f9bcadc13c6ca64e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: XpTiNQbrmE20FhL95XM7iSDWmUzqqFrd
content-encoding: gzip
via: 1.1 0dc81f450c72d91e34b5a0b41d441f28.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
date: Tue, 03 Jan 2023 00:51:12 GMT
x-amz-cf-pop: IAD89-P2
age: 7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1211
x-served-by: cache-iad-kiad7000133-IAD, cache-syd10135-SYD
last-modified: Wed, 06 Jul 2022 20:08:03 GMT
x-timer: S1672707073.845122,VS0,VE1
etag: W/"c1b7b40e7529c0dffb8eaac8c58b2a8f"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 3GanP39T4n325kUSllrCsnCyVt2VvqyfyFVFrQwoFV1s96NxLCzTVQ==
x-cache-hits: 3038, 1

OPTIONS
H2 200 tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ Frame 0
0 726ms
238ms Preflight 76.223.14.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a80a9201ee101bbc3.awsglobalaccelerator.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://edition.cnn.com
access-control-max-age: 600
content-length: 0
date: Tue, 03 Jan 2023 00:51:13 GMT
server: akka-http/10.2.7

OPTIONS
H2 200 putRecord
zion.api.cnn.io/bridge/v1/ Frame 0
0 1010ms
326ms Preflight
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 03 Jan 2023 00:51:13 GMT
x-amz-apigw-id: eJBQTHTFoAMFoiA=
x-amzn-requestid: 91c45f99-d034-4e25-b56d-41fe84ce28fd

POST
H2 200 tp2 Show response
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ 2 B
315 B 613ms
236ms XHR
text/plain 76.223.14.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a80a9201ee101bbc3.awsglobalaccelerator.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://edition.cnn.com
date: Tue, 03 Jan 2023 00:51:14 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.7
content-length: 2
content-type: text/plain; charset=UTF-8

POST
H2 200 putRecord Show response
zion.api.cnn.io/bridge/v1/ 133 B
467 B 344ms
343ms XHR
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash: 22c278112652549c7fff3590372154b8581d655e7428d2f94dc5f6bd0a60f799

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
x-amzn-requestid: e42edc7e-4a32-42d7-a70e-63d47cd40e4d
x-amzn-trace-id: Root=1-63b37c02-470a786d465e03255936e143
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: eJBQWGDOIAMFhRg=
content-length: 133
access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

GET
H2 200 zion-mb.min.js Show response
www.i.cdn.cnn.com/zion/ 2 KB
1 KB 141ms
97ms Script
application/x-javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.i.cdn.cnn.com/zion/zion-mb.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: c6104817ba76c7ef1ce99a73ab68bac973a3d0a1bef9db9f91624153754d8f35

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-amz-meta-privilege: 664
via: 1.1 varnish, 1.1 varnish
x-servedbyhost: ::ffff:127.0.0.1
x-amz-request-id: 5EHBP8EJ7F9HVPK5
age: 845
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
x-amz-id-2: vDCf6eghZGmmGxwFC4ItAZKAQz/X33Cgu91zJMHYeHQ/BYzgqGcHEiz+jK8YHAdt4ikByMl07bI=
x-served-by: cache-iad-kjyo7100045-IAD, cache-syd10156-SYD
last-modified: Thu, 21 Jan 2021 05:08:08 GMT
server: openresty
x-timer: S1672707073.046314,VS0,VE0
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-md5: 7fa91029084bd49ef9ec069641e263a2
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 7, 30

GET
H2 200 RC9b99e7d9aabe42148501b6950dc764cd-source.min.js Show response
lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/ 16 KB
3 KB 250ms
250ms Script
application/x-javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/RC9b99e7d9aabe42148501b6950dc764cd-source.min.js
Requested by: Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/launch-95f9268404e1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7c52b2e2bde01007ac3d94cdabee21b0ffe2b7f72b44f13e7adee2e941f975d1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
content-length: 2957
last-modified: Wed, 14 Dec 2022 17:15:17 GMT
server: AkamaiNetStorage
etag: "f4e92e8ea12d237feb143297b56ac3cc:1671038117.411547"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=207
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 03 Jan 2023 00:54:40 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 109ms
109ms Script
application/javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 16832
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cffcc2f9-101e-0024-13c4-0e41a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea6682aa81f-SYD

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 3 KB
1 KB 377ms
376ms XHR
application/json 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=524&h=edition.cnn.com&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5907df3620aef855fb4e2d69901105fd13c168cb5309ea7ec45d546c4ead8447

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://edition.cnn.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 7837bea66d126a45-SYD
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 415 B
338 B 378ms
377ms XHR
application/json 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=633&h=edition.cnn.com&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bac93af2d4c2726e1fb624b450e5d772c7bb727472d58faea76a1809fcb286a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://edition.cnn.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 7837bea66d146a45-SYD
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
948 B 587ms
195ms Fetch
application/json 13.33.33.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-53.sin2.r.cloudfront.net
Software: /
Resource Hash: c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 02:18:31 GMT
via: 1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront), 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1, SIN2-P1
age: 81162
x-amzn-requestid: 5a8de01c-4e2d-4ddd-a5a9-ac3b654aa147
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: eF7GrEyPiYcF6Fg=
content-length: 535
x-amz-cf-id: uGCfz90ErDpj1dr65QH7Qs8RNXdYBoiimVlOQOW8dZ5K0hihwApfPw==

GET
H2 200 cnn-beacon.min.js Show response
signal-beacon.s-onetag.com/ 30 KB
10 KB 657ms
216ms Script
application/javascript 18.155.68.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/cnn-beacon.min.js?affiliateId=276894
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-98.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b5f70b5766bdc7352be33719cde8b5a6641dc146ef408b7d74ac559aaf2fd35

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: mwmxiTBvzyAbABNBohYXNbW_eX6pBP7U
content-encoding: gzip
via: 1.1 574188a928e9091a61842b1bf8314b56.cloudfront.net (CloudFront)
date: Tue, 03 Jan 2023 00:18:26 GMT
last-modified: Wed, 20 Apr 2022 09:28:01 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 1968
x-amz-server-side-encryption: AES256
etag: W/"ba68631d95f8620a7a77d811c736bb02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 22c1qV-aDF9yZAsdkhj5LwuFiiCHnmj9BhEJTm44qa8LxNTBzKvdyw==

GET
H3 200 css
registry.api.cnn.io/bundles/fave/4.16.2/ 100 KB
18 KB 99ms
98ms Stylesheet
text/css 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/4.16.2/css
Requested by: Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39e25f1f874faaf89cea5a4722d143df1444e2c2fcc653b28366f866b206472c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: CSPBW57GYGCBF9H6
age: 3466
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17563
x-amz-id-2: kABOcOgq1Jyg3XcnPpqNVrPrp4ZDNeQa4lpk0RmFswN3svk2y2rvvfJqQS19oMtbsD9Wtjq0Xq8=
x-served-by: cache-iad-kjyo7100053-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707073.102560,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 379, 51

GET
H3 200 vendor Show response
registry.api.cnn.io/bundles/fave/vendor-8cd0b0d8/ 971 KB
275 KB 99ms
98ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/vendor-8cd0b0d8/vendor
Requested by: Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6938b419ee2325f0617b7873bdd313503a4d3e67f6fba54326c70197429c6cbd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 0YTR18JK4BCT0PFA
age: 1904
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 281364
x-amz-id-2: 5UOK5yghzGEgznd9yu4XLqrU/S1U//JdM4gmegNbCr6hjeFrzMkZJiNC2UZz8meqHvl4Ofx2s88=
x-served-by: cache-iad-kjyo7100071-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:20 GMT
server: AmazonS3
x-timer: S1672707073.103191,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 189, 28

GET
H3 200 app Show response
registry.api.cnn.io/bundles/fave/4.16.2/ 23 KB
7 KB 294ms
294ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/4.16.2/app
Requested by: Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a84fd157db76f74ff879c5cb924b24f680f14bfb74132e47f842c2ce34f68c4b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 4JEAP3C0VAT9W1K0
age: 3456
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6306
x-amz-id-2: SxB5FgsANJ0XschXuA/UxFI44rsvPMiZ03QWx0ddebHsIVzybDuTAuMfq6HNIyrRNb2ZS0N5jRE=
x-served-by: cache-iad-kiad7000099-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707073.103342,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 685, 84

POST
H2 200 putRecord Show response
zion.api.cnn.io/bridge/v1/ 133 B
467 B 334ms
333ms XHR
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash: e0e1c9c1d11731e2ab33be69684cd10b23d3866339064a375c4948ab23bdbfba

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
x-amzn-requestid: c66bfdc7-482c-441c-b88f-39aff09afdd2
x-amzn-trace-id: Root=1-63b37c02-1767b1c476450c466b927042
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: eJBQWG5qIAMFuKg=
content-length: 133
access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

POST
H2 200 putRecord Show response
zion.api.cnn.io/bridge/v1/ 133 B
467 B 336ms
335ms XHR
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash: a3bc6bd17dddff63d04fd8fab2c95fbdbbf5c6c9d2ca842bad6f0f02deb2a215

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
x-amzn-requestid: d33a1b37-ba6f-4f4f-bfe0-55e7ea6f85ef
x-amzn-trace-id: Root=1-63b37c02-24db8c1b3684a50434ce82c9
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: eJBQWHMdIAMFj9g=
content-length: 133
access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 putRecord
zion.api.cnn.io/bridge/v1/ Frame 0
0 819ms
325ms Preflight
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 03 Jan 2023 00:51:13 GMT
x-amz-apigw-id: eJBQTHwMIAMFhNw=
x-amzn-requestid: d5cb59d4-abb5-483d-a898-d6376b571fb2

OPTIONS
H2 200 putRecord
zion.api.cnn.io/bridge/v1/ Frame 0
0 820ms
326ms Preflight
application/json 52.20.132.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://zion.api.cnn.io/bridge/v1/putRecord
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.132.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-132-178.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: X-Graphql-Query-Uuid,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 03 Jan 2023 00:51:13 GMT
x-amz-apigw-id: eJBQTExAoAMFntQ=
x-amzn-requestid: da574074-da03-4af0-81f5-9608ee8a57a2

GET
H2 200 RC9f0ac7b15b094072b30003e87a3cbbde-source.min.js Show response
lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/ 48 KB
6 KB 258ms
257ms Script
application/x-javascript 23.10.29.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/ea6bbb43d6e9/RC9f0ac7b15b094072b30003e87a3cbbde-source.min.js
Requested by: Host: lightning.cnn.com
URL: https://lightning.cnn.com/launch/7be62238e4c3/3acce89e7125/launch-95f9268404e1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.29.219 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-29-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0ba1e31fcf776296baeafed62817164d0fa069fa586213cd63f6df9c4108901b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
content-length: 5540
last-modified: Wed, 14 Dec 2022 17:15:17 GMT
server: AkamaiNetStorage
etag: "854c773b5e59cc15e22fad44f03e7e9f:1671038117.666672"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=84
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 03 Jan 2023 00:52:37 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/11234644-4fd8-4b71-a75e-19b507c56d8c/ 305 KB
49 KB 107ms
107ms Fetch
application/x-javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3d9a6f21-8e47-43f8-8d58-d86150f3e92b/11234644-4fd8-4b71-a75e-19b507c56d8c/en.json

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e85bef9261e02dd57eadbc38c5eed2693b324751fc20f1b741feb724406913f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XLLx8F19/1ivDKRZMXNFvQ==
age: 16309
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 50268
x-ms-lease-status: unlocked
last-modified: Wed, 14 Dec 2022 20:18:39 GMT
server: cloudflare
etag: 0x8DADE10631C909B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 289cd6be-901e-00f9-40f9-0f1206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea80bc5a94f-SYD
expires: Wed, 04 Jan 2023 00:51:13 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 1332ms
322ms XHR
text/plain 107.23.1.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.1.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-1-183.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Jan 2023 00:51:14 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://edition.cnn.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: ba90023e-8567-4ed6-9ef0-d9d221982dc3

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
301 B 117ms
117ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4115
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7837bea8cfc66a45-SYD
expires: Tue, 03 Jan 2023 04:51:13 GMT

GET
H2 200 videofeed.js Show response
www.dianomi.com/js/contextfeed/ 4 KB
2 KB 112ms
112ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/videofeed.js?v=20221208165346499

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10010e51059cbaf5e25c4bebc978688ba1309b0b928fceac23a0297332c8d720

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 08 Dec 2022 16:53:55 GMT
server: cloudflare
etag: W/"10ff-5ef53e1ee8b52"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837bea8cfc86a45-SYD
expires: Tue, 03 Jan 2023 00:53:13 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 52B9 6 KB
2 KB 393ms
393ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f8f9d8279aff091c45c973cd487d1299c926d4841d9242541d1957cbc281a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 7837bea8dfd06a45-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:13 GMT
expires: now
link: </img/a/pss/3455/15.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame B44A 3 KB
1 KB 391ms
391ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=10328&numAds=1&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-10328-Y7N8AYsi75GRi1DALLdAnwAAAD81

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f0d98451146d3433e415a870835aa7d8a3156580dd9dcd67ac339411df7b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 7837bea8dfd26a45-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:13 GMT
expires: now
link: </img/a/pss/3862/76.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 118ms
117ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949580
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837bea928306a45-SYD
expires: Thu, 02 Feb 2023 10:51:13 GMT

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
246 B 374ms
374ms Image
image/gif 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1759.524.cnninlt&geo_ccod=au

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 7837bea928316a45-SYD
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 00:51:13 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 94AD 9 KB
2 KB 437ms
436ms Document
text/html 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51bbfbf10840c33e0ca3e8265ba316d5bab0bb541e51820097f9c26b87432cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 7837bea9283b6a45-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:13 GMT
expires: now
link: </img/a/pss/3395/19.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
137 B 376ms
375ms Image
image/gif 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1759.633.CNNinltrhnew&geo_ccod=au

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 7837bea928386a45-SYD
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 00:51:13 GMT

GET
H3 200 topplayer Show response
registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/ 3 MB
996 KB 98ms
97ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/topplayer
Requested by: Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f304f45550671582b688cf783331149146bbff148259b7afc87ff1356bdaa145

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 2YY94MK3QTTZFVYQ
age: 2779
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1019512
x-amz-id-2: Db106US0Uf6Ym4iEZdWEGke6MXGFojFYd35lYP5yCaYFYZoQMOUjQ7+SXV/2suuVi6/UAea+Qx4=
x-served-by: cache-iad-kcgs7200136-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707073.496364,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 1123, 50

GET
H3 200 topinstance Show response
registry.api.cnn.io/bundles/fave/topinstance-c30c24eb/ 230 KB
48 KB 204ms
203ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/topinstance-c30c24eb/topinstance
Requested by: Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/latest-4.x/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3f3f42abf50867d2741b8fbe394f9f6962a7c060868c5495887d94783723ed5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: TXCD11Q606F37JV9
age: 3504
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 49037
x-amz-id-2: Aumr3K85WuNtVlf6LCTBjB0eFn8SKS7srAxMaslKq0tKDOf0UpB2MerJWVQfAGODA2BcEOl/0NI=
x-served-by: cache-iad-kcgs7200032-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707073.496461,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 210, 69

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 108ms
107ms Fetch
application/json 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
age: 23672
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6b936df6-f01e-0108-2455-0e85c0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea9be1aa94f-SYD

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 61 KB
12 KB 110ms
109ms Fetch
application/json 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mBGnk7IXt0USbYmXZQhmOw==
age: 23665
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B90C98A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 094bb476-a01e-003d-2455-0e6dc0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837bea9be1ca94f-SYD

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 117ms
117ms Fetch
text/css 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 23665
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a06cfc05-d01e-001b-1155-0ef674000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7837bea9be1ea94f-SYD

GET
H2 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 492ms
191ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 03:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 03:27:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
452 B 574ms
193ms XHR
application/json 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=edition.cnn.com

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

cafe /

Resource Hash

06c1dc99ffc44800fa6d6fc9ab5ed5954d1de620c1df740825029a4d1a992022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 427
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:14 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 109ms
109ms Fetch
image/svg+xml 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 23665
x-ms-lease-status: unlocked
last-modified: Wed, 21 Dec 2022 07:32:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d168a2be-901e-017e-6d68-15017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7837beaa8f01a94f-SYD

GET
H2 200 WBD_HorizontalLogo_Blue.png
cdn.cookielaw.org/logos/9651e1f6-c35b-4377-be7f-5a0c93f0ecb8/03801d52-ca25-489d-9ebe-e2ce0c81387f/846ba59f-32f3-4560-b70d-5302b8ce95a0/ 97 KB
97 KB 108ms
108ms Image
image/png 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9651e1f6-c35b-4377-be7f-5a0c93f0ecb8/03801d52-ca25-489d-9ebe-e2ce0c81387f/846ba59f-32f3-4560-b70d-5302b8ce95a0/WBD_HorizontalLogo_Blue.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd1751416a7128f8a0c14fdc634c7aa4733548014fa35a16c7fa12c897436a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: r+FEfCnLZBkQEuNoHO6SaQ==
age: 23669
content-length: 99368
x-ms-lease-status: unlocked
last-modified: Fri, 09 Dec 2022 00:14:12 GMT
server: cloudflare
etag: 0x8DAD97A4CE25130
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2e5fe1ec-a01e-0072-6836-0ea9d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7837beaaad31a81f-SYD

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 161ms
161ms Image
image/svg+xml 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 2089
x-ms-lease-status: unlocked
last-modified: Wed, 21 Dec 2022 07:32:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 72dbe5f4-f01e-0121-5cb1-15f382000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7837beaaad33a81f-SYD

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
939 B 194ms
194ms Fetch
application/json 13.33.33.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-53.sin2.r.cloudfront.net
Software: /
Resource Hash: c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 02:18:31 GMT
via: 1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront), 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1, SIN2-P1
age: 81162
x-amzn-requestid: 5a8de01c-4e2d-4ddd-a5a9-ac3b654aa147
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: eF7GrEyPiYcF6Fg=
content-length: 535
x-amz-cf-id: ltu03YTKYEbHq2PxXZ6T_S2TF3GpnYsT5bTS4QaWcZQnKtAl-QEZqA==

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
544 B 1142ms
379ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb3f4524bc9a1d57c3ff226e6c6b9326638adc5fe83d66b0f9d8de3f745c5d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://edition.cnn.com
date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 626ms
227ms Script
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:00:05 GMT
content-encoding: gzip
via: 1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront), 1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 18:13:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN2-P2
age: 3070
x-amz-server-side-encryption: AES256
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HhKi4eGBXiJ0M7bhYH6NiB4OjEABYRA7fF-9jaemQTIYiFZYIw_PGA==

GET
H2 200 controltag Show response
cdn.krxd.net/ 35 KB
8 KB 310ms
105ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=tefghq6ia
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3af5460ab518e05cac5955fe2f639bfdae0250a03d38541656ce0318b1096011

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 03 Jan 2023 00:51:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 619
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7961
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kjyo7100162-IAD, cache-syd10162-SYD
x-response-time: 1
x-do-esi: esi
x-timer: S1672707074.116722,VS0,VE8
etag: "6f4b0e5a126ee75ab71c985ffbbd799f00f09cc1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 iasPET.1.js Show response
static.adsafeprotected.com/ 22 KB
7 KB 1232ms
402ms Script
application/javascript 52.84.45.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasPET.1.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-31.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding: gzip
via: 1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
date: Tue, 27 Dec 2022 01:06:14 GMT
x-amz-cf-pop: MRS52-P1
age: 604047
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Jun 2021 13:42:44 GMT
server: AmazonS3
etag: W/"51636de3ce868a2172f9e6996c2934e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: kZ1Agrxc9zMt6LALlJBak4UJuVLOTPn1bC3bgPUdn71n9-WILoPmUQ==

GET
H/1.1

200
OK

u
1f2e7.v.fwmrm.net/ad/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=185&_fw_gdpr=0&_fw_gdpr_consent=
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=b23fc5eda5eafd49a0441a3ca7e380b9&_fw_gdpr=0&_fw_gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
455 B

1071ms
265ms

Image
image/gif

34.223.199.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=b23fc5eda5eafd49a0441a3ca7e380b9&_fw_gdpr=0&_fw_gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Server: 34.223.199.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-199-225.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:15 GMT
Content-Type: image/gif
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=b23fc5eda5eafd49a0441a3ca7e380b9&_fw_gdpr=0&_fw_gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1672707074448005-68
Expires: Tue, 03 Jan 2023 00:51:14 GMT

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
541 B 680ms
197ms Image
image/gif 72.247.81.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.81.168 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-81-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:14 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1672707074418047-16
Expires: Tue, 03 Jan 2023 00:51:14 GMT

GET
H2 200 xd.sjs Show response
www.ugdturner.com/ 329 B
534 B 1127ms
310ms Script
text/javascript 44.208.250.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ugdturner.com/xd.sjs
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.208.250.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-250-193.compute-1.amazonaws.com
Software: openresty /
Resource Hash: ea332e6c1e4cdd2478dabbd42c19f5c5ed167101b6ff5ea56f83206ab6cbd2a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
cache-control: no-cache
server: openresty
content-type: text/javascript

GET
H2 200 player-ui.min.js Show response
turnip.cdn.turner.com/top/player-ui/2.12.1-30/ 280 KB
66 KB 1254ms
278ms Script
application/x-javascript 96.17.72.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://turnip.cdn.turner.com/top/player-ui/2.12.1-30/player-ui.min.js

Requested by

Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/topplayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.72.58 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-72-58.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c4ced9b65799c47270c5f92809e9ed6471d838d8fffba5aa0fb5f33a719e9d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
akamai-grn: , 0.36481160.1672707075.3cc63a8d
server-timing: cdn-cache; desc=HIT, edge; dur=1
last-modified: Wed, 28 Sep 2022 20:03:59 GMT
server: AkamaiNetStorage
etag: "47b640c9e4342cd35c3ac01b175bdd1d:1664395438.712647"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts
cache-control: max-age=1209600
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts

GET
H2 200 player-ui.min.css
turnip.cdn.turner.com/top/player-ui/2.12.1-30/ 26 KB
9 KB 1240ms
265ms Stylesheet
text/css 96.17.72.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://turnip.cdn.turner.com/top/player-ui/2.12.1-30/player-ui.min.css

Requested by

Host: registry.api.cnn.io
URL: https://registry.api.cnn.io/bundles/fave/topplayer-f1aa0f04/topplayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.72.58 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-72-58.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

351f4a610470ff4bc5cdc7763f3a5efd757cab0b4281b8d746bc6af1868b79ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
akamai-grn: , 0.36481160.1672707075.3cc63a8c
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 8437
last-modified: Wed, 28 Sep 2022 20:03:59 GMT
server: AkamaiNetStorage
etag: "f4f76eebd15fc6e8f3647f276fef1a0b:1664395439.469917"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts
cache-control: max-age=1209600
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts

GET
H/1.0 503
Service Unavailable 39a34d8d-dd1d-4fbf-aa96-fdc5f0329451
v8-emea.sdk.beemray.com/content/websdk/ 0
0 2208ms
376ms Script
text/html 94.237.48.90
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://v8-emea.sdk.beemray.com/content/websdk/39a34d8d-dd1d-4fbf-aa96-fdc5f0329451
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel-body.min.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.237.48.90 London, United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-48-90.uk-lon1.upcloud.host
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 script.js Show response
d2uap9jskdzp2.cloudfront.net/ 121 KB
42 KB 626ms
225ms Script
application/javascript 13.225.0.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel-body.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.0.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-0-140.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c290d1940e625a637a116cdb9e319249d8c4ddb6006d9e1a4c535054b2407736

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 2n2r4V.YU.HH9ZK6XtCW5F79XBPiyaJX
content-encoding: gzip
via: 1.1 d0c382408f1494b28878807009b3cbdc.cloudfront.net (CloudFront)
date: Tue, 03 Jan 2023 00:46:40 GMT
last-modified: Fri, 30 Dec 2022 17:23:40 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 276
etag: W/"76ece6936f87a78088207171b3e3c9da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: 7cWET8TEMKDlUmHeKFqXpZRNTBJeREYUhX0TiYzlvh6fx08aohOiqA==

GET
H2 200 76.css
www.dianomi.com/img/a/pss/3862/ Frame B44A 4 KB
1 KB 113ms
112ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3862/76.css

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447bc4896c9d43c8a4acc84b49205a3592a55cbf21bcfcb9996602e6387c83da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=10328&numAds=1&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-10328-Y7N8AYsi75GRi1DALLdAnwAAAD81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 871379
cf-polished: origSize=6878
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 12:35:48 GMT
server: cloudflare
etag: W/"1ade-5ee22873ec8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 7837beb0b9976a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame B44A 9 KB
881 B 584ms
193ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&family=Source+Serif+Pro:wght@600&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=10328&numAds=1&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-10328-Y7N8AYsi75GRi1DALLdAnwAAAD81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

511ae9e649b3f4725c514a241262d7d6744d72a1a02bec7ab0d54411391b40b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 00:48:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 00:51:15 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame B44A 8 KB
3 KB 127ms
125ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=10328&numAds=1&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-10328-Y7N8AYsi75GRi1DALLdAnwAAAD81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:07:22 GMT
server: cloudflare
etag: W/"32de-5eda6eac3f39f"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837beb0b9a26a45-SYD
expires: Tue, 03 Jan 2023 00:53:14 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://warnermediagroup-com.videoplayerhub.com/galleryloader.js
https://btloader.com/tag?h=warnermediagroup-com&upapi=true

14 KB
7 KB

308ms
107ms

Script
application/javascript

104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=warnermediagroup-com&upapi=true
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 104.26.6.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a87322918d3f175ce7c85fad24140479aff0e4a61b4ecfbd53b5da44c5380c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 00:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1605
etag: W/"174ada19e6fc416b321de2265bdd0ac2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y183ZhsB2uQnFETZNk8lFiz3m9iDkmmYfTcY5m7htzQ62B%2FC94jVPUnstphKey2TXJOZu%2B%2BthQeeWRJcuFa4PyV7Qn7SSVnAhz5CqqJiL0tIOrstIQ2AHVIb14fu5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 7837beb3ed7ca865-SYD

Redirect headers

date: Tue, 03 Jan 2023 00:51:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohL6YdQejjJx%2Fk%2F31brbmd5oKZ7qfX5vsrs1Wtpyr1Gdmzdag%2FsEYU4AQajJhlQ3yGo%2BlovyJYHsxllDQFziKJOU6qlV9f0FQEywnO8DrNieVrqOUw8iBpktj0veP3yItoxc8SkSyamjAKgxXvvmGbl7qx3ZBJYW9g%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=warnermediagroup-com&upapi=true
cache-control: max-age=3600
cf-ray: 7837beb1f818a949-SYD
expires: Tue, 03 Jan 2023 01:51:14 GMT

GET
H/1.1

200

audience_id Show response
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/audience_id
https://sync.search.spotxchange.com/audience_id?__user_check__=1

54 B
587 B

195ms
194ms

XHR
application/json

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.search.spotxchange.com/audience_id?__user_check__=1
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Server: 103.71.26.125 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f8fa7d2cf8c2ca6177297177508c1b8d23088c571882304e330c5de8572b971

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 00:51:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://edition.cnn.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-fe: 45
Connection: keep-alive
Content-Length: 54

Redirect headers

Date: Tue, 03 Jan 2023 00:51:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: //sync.search.spotxchange.com/audience_id?__user_check__=1
Access-Control-Allow-Origin: https://edition.cnn.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-fe: 90
Connection: keep-alive
Content-Length: 0

GET
H2

200

user-sync
umto.cnn.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://umto.cnn.com/user-sync?zwmc=$UID&domain=cnn.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fzwmc%3D%24UID%26domain%3Dcnn.com
https://umto.cnn.com/user-sync?zwmc=8906080515655609534&domain=cnn.com

0
156 B

1443ms
318ms

Image
application/octet-stream

52.44.203.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://umto.cnn.com/user-sync?zwmc=8906080515655609534&domain=cnn.com
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.44.203.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-203-190.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

Redirect headers

Date: Tue, 03 Jan 2023 00:51:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 36788834-fe9e-497e-a81c-d5afd0894ca8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://umto.cnn.com/user-sync?zwmc=8906080515655609534&domain=cnn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK u
bea4.v.fwmrm.net/ad/ 0
411 B 1550ms
264ms Image
text/html 34.223.199.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https://umto.cnn.com/user-sync%3Fbea4%3D%23%7Buser.id%7D%26domain%3Dcnn.com
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.199.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-199-222.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:16 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

user-sync
umto.cnn.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160262&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160262%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26%2...
https://image8.pubmatic.com/AdServer/ImgSync?p=160262&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160262%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26%2...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAyNzkyNjktMDczOS00NjI1LTkzOTYtOTZFNjI3ODc0RkVG&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAyNzkyNjktMDczOS00NjI1LTkzOTYtOTZFNjI3ODc0RkVG&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160262&mpc=4&fp=1&pmc=1&&pr=https%3A%2F%2Fumto.cnn.com%2Fuser-sync%3Fdomain%3Dcnn.com%26kfyn%3D80279269-0739-4625-9396-96E627874FEF
https://umto.cnn.com/user-sync?domain=cnn.com&kfyn=80279269-0739-4625-9396-96E627874FEF

0
169 B

317ms
317ms

Image
application/octet-stream

52.44.203.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://umto.cnn.com/user-sync?domain=cnn.com&kfyn=80279269-0739-4625-9396-96E627874FEF
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.44.203.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-203-190.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

Redirect headers

location: https://umto.cnn.com/user-sync?domain=cnn.com&kfyn=80279269-0739-4625-9396-96E627874FEF
date: Tue, 03 Jan 2023 00:51:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

user-sync
umto.cnn.com/
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=cnn
https://umto.cnn.com/user-sync?ifyr=LCFILS5L-1Z-JUDL&domain=cnn.com

0
155 B

1285ms
317ms

Image
application/octet-stream

52.44.203.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://umto.cnn.com/user-sync?ifyr=LCFILS5L-1Z-JUDL&domain=cnn.com
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.44.203.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-203-190.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://umto.cnn.com/user-sync?ifyr=LCFILS5L-1Z-JUDL&domain=cnn.com
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Expires: 0

GET
H2

200

user-sync
umto.cnn.com/
Redirect Chain

https://eq97f.publishers.tremorhub.com/pubsync?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com
https://eq97f.publishers.tremorhub.com/pubsync/verify?redir=https://umto.cnn.com/user-sync?goiz=%5Btvid%5D%26domain=cnn.com
https://umto.cnn.com/user-sync?goiz=f96f10d372ed4a66a5c91cca9e63830c&domain=cnn.com

0
165 B

851ms
316ms

Image
application/octet-stream

52.44.203.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://umto.cnn.com/user-sync?goiz=f96f10d372ed4a66a5c91cca9e63830c&domain=cnn.com
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.44.203.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-203-190.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

Redirect headers

location: https://umto.cnn.com/user-sync?goiz=f96f10d372ed4a66a5c91cca9e63830c&domain=cnn.com
date: Tue, 03 Jan 2023 00:51:16 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 15.css
www.dianomi.com/img/a/pss/3455/ Frame 52B9 3 KB
1 KB 118ms
118ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3455/15.css

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2233286fd2d163624ded87a963a18fa31c32e3354a45f52d96e502f10fa26d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 949001
cf-polished: origSize=5945
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 30 Aug 2022 17:09:05 GMT
server: cloudflare
etag: W/"1739-5e77870082f96"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 7837beb0c9af6a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 52B9 11 KB
1 KB 566ms
192ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

143fbc50a692d31c0e600ed1869a3a697b623455cd13498f93cbefc86cfeb803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 00:21:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 00:51:15 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 52B9 8 KB
3 KB 114ms
114ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:07:22 GMT
server: cloudflare
etag: W/"32de-5eda6eac3f39f"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837beb0d9bc6a45-SYD
expires: Tue, 03 Jan 2023 00:53:14 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 52B9 1 KB
1 KB 111ms
111ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949581
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb18a796a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 84x84.jpg
www.dianomi.com/img/a/sav2/282470/3/ Frame 52B9 2 KB
3 KB 120ms
120ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/282470/3/84x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0110643755612438fa4b69641c0da7043cf791803d9fec1a7fe0403090747011

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84760
cf-polished: qual=85, origFmt=jpeg, origSize=4559
content-disposition: inline; filename="84x84.webp"
content-length: 2404
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Dec 2022 13:12:21 GMT
server: cloudflare
etag: "11cf-5f06a6b4f0ce0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb24b386a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 84x84.jpg
www.dianomi.com/img/a/sav2/281595/6/ Frame 52B9 3 KB
3 KB 122ms
117ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/281595/6/84x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

334379ea63e750469a9e1503a9b38bf6a2bbaeda9845a8094ef642a5f5f27329

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 610169
cf-polished: qual=85, origFmt=jpeg, origSize=15473
content-disposition: inline; filename="84x84.webp"
content-length: 2868
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Dec 2022 08:54:23 GMT
server: cloudflare
etag: "3c71-5ef9da6597bd8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb32c726a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 84x84.jpg
www.dianomi.com/img/a/sav2/199342/4/ Frame 52B9 2 KB
3 KB 118ms
117ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/199342/4/84x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

903a3032c094060bf10bbc4a496a822dd1da14ac35d6a761db6ed1f111e0bc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143452
cf-polished: qual=85, origFmt=jpeg, origSize=4771
content-disposition: inline; filename="84x84.webp"
content-length: 2486
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Oct 2022 05:49:26 GMT
server: cloudflare
etag: "12a3-5ebfdb43ecaf0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb3ed3e6a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 19.css
www.dianomi.com/img/a/pss/3395/ Frame 94AD 3 KB
1 KB 114ms
114ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3395/19.css

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cd9f4a3d5630f2ec95749e552b00ba52a87ee2751af9ab6e3bfc23b3d1dca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 947604
cf-polished: origSize=6100
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 08 Dec 2022 13:21:32 GMT
server: cloudflare
etag: W/"17d4-5ef50ea678ce4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 7837beb0e9c96a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 94AD 11 KB
752 B 557ms
195ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

143fbc50a692d31c0e600ed1869a3a697b623455cd13498f93cbefc86cfeb803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 23:31:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Jan 2023 00:51:15 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 94AD 8 KB
3 KB 118ms
117ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 09:07:22 GMT
server: cloudflare
etag: W/"32de-5eda6eac3f39f"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837beb0e9d96a45-SYD
expires: Tue, 03 Jan 2023 00:53:14 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 94AD 1 KB
1 KB 110ms
110ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949581
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb1aa8d6a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/266931/2/ Frame 94AD 6 KB
6 KB 119ms
118ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/266931/2/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c2c2b44b4539bb2d0e7a416b8e1762844cc7e6f721e80866bc891141d659b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 150185
cf-polished: qual=85, origFmt=jpeg, origSize=11267
content-disposition: inline; filename="140x84.webp"
content-length: 5680
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 00:29:27 GMT
server: cloudflare
etag: "2c03-5edb3cc669e4c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb25b4c6a45-SYD
expires: Thu, 02 Feb 2023 10:51:14 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/282470/3/ Frame 94AD 4 KB
4 KB 117ms
114ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/282470/3/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e20a542bb43a863d8f2a46dfa5a2f347beb8344dca0b438c9ff72cc8d407d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 954674
cf-polished: qual=85, origFmt=jpeg, origSize=6762
content-disposition: inline; filename="140x84.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Dec 2022 16:14:10 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 7837beb32c766a45-SYD
expires: Tue, 10 Jan 2023 00:51:15 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/276979/2/ Frame 94AD 4 KB
4 KB 116ms
115ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/276979/2/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1216cd9c288d5205fcf0f122b46ed0b86d5e1f408b0f958c1b0eef8f1df9f42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 88233
cf-polished: qual=85, origFmt=jpeg, origSize=8336
content-disposition: inline; filename="140x84.webp"
content-length: 4354
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Nov 2022 13:30:05 GMT
server: cloudflare
etag: "2090-5ec90f48c5d30"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb3ed3b6a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/281432/2/ Frame 94AD 4 KB
5 KB 120ms
119ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/281432/2/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4bf105e0da221388e26c3a433eb9a5c2501c959ca05a6013b1164cb039f6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2220156
cf-polished: degrade=85, origSize=7283, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Dec 2022 04:55:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 7837beb46db56a45-SYD
expires: Tue, 10 Jan 2023 00:51:15 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/266046/12/ Frame 94AD 2 KB
2 KB 115ms
113ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/266046/12/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

880d4ab8e46190569798c999c9f8be9adccfdb14978899b49671957c20b7edab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1302549
cf-polished: qual=85, origFmt=jpeg, origSize=4761
content-disposition: inline; filename="140x84.webp"
content-length: 2170
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Dec 2022 02:07:05 GMT
server: cloudflare
etag: "1299-5efe86d172aa9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb47dbc6a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 140x84.jpg
www.dianomi.com/img/a/sav2/271996/2/ Frame 94AD 4 KB
4 KB 120ms
118ms Image
image/jpeg 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/271996/2/140x84.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058201805b2bac2bb296f56af6e6da5e0cb089477919b0163b7d93703b39bebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2244480
cf-polished: degrade=85, origSize=7118, status=webp_bigger
content-length: 4171
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 18:27:14 GMT
server: cloudflare
etag: "1bce-5e9fd4273fb56"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837beb47dbe6a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 id Show response
smetrics.cnn.com/ 48 B
460 B 606ms
208ms XHR
application/x-javascript 63.140.48.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.cnn.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=7FF852E2556756057F000101%40AdobeOrg&mid=91625621524452046010674888867063744818&ts=1672707074661

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

4545a2ab1fbb9deeb1ba20bf7bdfdcc0bb9f29a3110440878be269d71e703c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://edition.cnn.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 videofeed-flowplayer.js Show response
www.dianomi.com/js/contextfeed/ Frame A729 33 KB
11 KB 116ms
115ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e2af85599f4930ad66071aeb56cf113c7bca252eb9a13536049aa297402260

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:14 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 14:10:33 GMT
server: cloudflare
etag: W/"8408-5efa2110cc070"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837beb109f46a45-SYD
expires: Tue, 03 Jan 2023 00:53:14 GMT

POST
H2 200 tp2 Show response
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ 2 B
314 B 238ms
235ms XHR
text/plain 76.223.14.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a80a9201ee101bbc3.awsglobalaccelerator.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://edition.cnn.com
date: Tue, 03 Jan 2023 00:51:15 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.7
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
collector.cdp.cnn.com/com.snowplowanalytics.snowplow/ Frame 0
0 240ms
237ms Preflight 76.223.14.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.cdp.cnn.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.14.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a80a9201ee101bbc3.awsglobalaccelerator.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://edition.cnn.com
access-control-max-age: 600
content-length: 0
date: Tue, 03 Jan 2023 00:51:14 GMT
server: akka-http/10.2.7

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 323ms
322ms XHR
text/plain 107.23.1.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.1.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-1-183.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Jan 2023 00:51:14 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://edition.cnn.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 784fbd85-a174-4f43-98b7-4531acfd7be7

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/cnn/ 80 KB
25 KB 752ms
235ms Script
application/javascript 13.33.88.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/cnn/p13n.min.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-10.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be548c881f31d5ab83f259e1dd157db22b44754a0293db5a0cfcacc1f5fbbc64

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: MhJCa_4YxZoe5AMSus9UbHhJ5keFb.sM
Content-Encoding: gzip
Via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
Date: Tue, 03 Jan 2023 00:35:45 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 930
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 02 Jan 2023 01:42:19 GMT
Server: AmazonS3
ETag: W/"9db82ed910582d63611fb23201c73f29"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: 0Ajj6DGpZYFML2UydCFDNWtyNx8Hj0toqkCmTZT-rmGwPG6uB8VS4A==

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 98ms
97ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=tefghq6ia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 03 Jan 2023 00:51:14 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1069104
age: 7813641
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-syd10162-SYD
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1672707075.770435,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 196ms
195ms XHR
text/plain 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3288&u=https%3A%2F%2Fedition.cnn.com
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 19:41:16 GMT
via: 1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-P2
age: 18597
x-cache: Hit from cloudfront
access-control-allow-origin: https://edition.cnn.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: hBOLcb1bExa8X5BXrALEzzcDFDPFtwQOyXIKec7Ouo_XdZrHgRPcuQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 588ms
195ms XHR
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 21:25:38 GMT
x-amz-cf-pop: SIN2-P2
age: 12338
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: UNKcrM2897nhuhJBQk_oxO-QxoNKDMgEUYJ8ykD9YQHMcukDips7Cg==

GET
H2 200 smartads_video_json.pl Show response
www.dianomi.com/cgi-bin/ Frame A729 1 KB
1 KB 388ms
388ms XHR
application/json 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/smartads_video_json.pl?id=7235&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95af746f885f015fe8b39b39d3657adf5c966b6bb94fc04c8e8947fd132b31e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 7837beb1cab86a45-SYD
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 00:51:14 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 155 B
489 B 988ms
586ms XHR
text/javascript 13.33.30.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3288&u=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&pid=cTCm2PaAf4l5A&cb=0&ws=1600x1200&v=22.1213.2134&t=1150&slots=%5B%7B%22sd%22%3A%22ad_bnr_atf_01%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22CNNi%2Fbusiness%2Fleaf_ad_bnr_atf_01%22%7D%2C%7B%22sd%22%3A%22ad_rect_atf_01%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22CNNi%2Fbusiness%2Fleaf_ad_rect_atf_01%22%7D%2C%7B%22sd%22%3A%22ad_rect_btf_01%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22CNNi%2Fbusiness%2Fleaf_ad_rect_btf_01%22%7D%5D&pj=%7B%22si_section%22%3A%22CNNi%2Fbusiness%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-30-231.sin2.r.cloudfront.net
Software: Server /
Resource Hash: bb5a9ef49394269854d05ef5b7ced2135e6414977d934e972eb1d5b35e221233

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
via: 1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://edition.cnn.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 155
x-amz-cf-id: jhKwEeKHElbAESw1imNy4blCSJyvCWJmp8MKDLvZ8hChu94Sej-JxA==

GET
H/1.1 200
OK turner-47fcf6 Show response
segment-data-us-east.zqtk.net/ 1 KB
1 KB 1011ms
325ms Script
application/javascript 35.170.144.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data-us-east.zqtk.net/turner-47fcf6?url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/media/sites/js/bundles/business-edition-adfuel.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.144.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-144-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fb7ede3d99fd4c83f50f9550b572c5be89a3d4506ac27631c77161ae161a7861

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 00:51:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Jan 2023 22:56:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-Result-Id: GTjOkdDTTEu
Cache-Control: max-age=14714
Connection: keep-alive
Expires: Tue, 03 Jan 2023 04:56:31 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 1F97 805 B
850 B 98ms
97ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 39176053
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Tue, 03 Jan 2023 00:51:15 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 305531
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-syd10162-SYD
x-timer: S1672707075.027272,VS0,VE0

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 647 B
792 B 597ms
200ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e282047575f8ba5e40ec2b9ec1e26fd8ca0242286f171eeabf5412b758f156c1

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 424

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 855 B
857 B 680ms
283ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8a0731d660a51919f17f2c78044e1de9e623cedeeae46b089a6cff4189c1558d

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 491

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 473 B
694 B 788ms
394ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 527062a0d5afff8831dda2eaf26a57647ab06e33f7efa9b78237c0616e1775f4

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 327

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 572 B
727 B 821ms
427ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: f68fb4b548f95dd0808ec3ec0841bc305666f37ddaa0c46a60329da6b0bd2147

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 360

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 778 B
806 B 792ms
398ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: c9aa61d4655498896f2ef2cb28faed16ae6913db43e4fec39123f01f8f560ab1

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 439

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 433 B
630 B 786ms
392ms XHR
application/json 18.139.190.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.190.155 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-190-155.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e6667e33c6675780f15dbcb2c08d235095221cdbd24468f4821fd3ecd61f6f08

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edition.cnn.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 263

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
9 KB 597ms
483ms XHR
application/json 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

nginx/1.21.3 /

Resource Hash

1feb343b510764cbbf13e45b10b18ceda0027fea3b8e46c73c0e797b853b6de0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 03 Jan 2023 00:51:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5a5511b1-758b-490d-a669-9c653232be38
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://edition.cnn.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 984ms
358ms XHR
text/plain 182.161.73.145
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.23.0-pre&cb=24288038358&lsavail=0

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://edition.cnn.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
310 B 539ms
337ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=341938&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216bdaf419819c7f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.23.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_btf_01%22%2C%22divId%22%3A%22ad_rect_btf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22179f35e108c730d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22341938%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22341939%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22341937%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23bnr_atf_01%22%2C%22tid%22%3A%2281c7e8ee-225e-497e-9730-d1f6ef197791%22%7D%7D%2C%7B%22id%22%3A%222053b1357cd2c7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22341940%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22341940%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23rect_atf_01%22%2C%22tid%22%3A%224f417b82-0446-42bd-9602-c63136d73d13%22%7D%7D%2C%7B%22id%22%3A%2221a990f0b28faaa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22341942%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22341941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23rect_btf_01%22%2C%22tid%22%3A%223bc710d4-0d93-45da-9d98-194f66e7b744%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22b651476b-1c03-43cd-92f0-c6f4946c7278%22%7D%7D
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddac113f71795052d78dcf325c7c651880f4088fa92177de1374fc348d036ab7

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWi73vHichpKFP4JaJMJza0iJu1jMAAsOFQO%2FWDA%2BLBqQ%2BL0cQwJ3XoK5GEVq669ByiqYqKtbHl2cyQxZRRoRZ4LP277kSBacTzy2%2FHhPhKNfsnU7ewdz7Rq9bpPKstsm4uDlrxY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7837beb45926aafb-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
561 B 491ms
290ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=341938&ac=j&sd=1&r=%7B%22id%22%3A%2216bdaf419819c7f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.23.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html%22%2C%22tmax%22%3A1150%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22ad_rect_btf_01%22%2C%22divId%22%3A%22ad_rect_btf_01%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a36668e5db53c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341937%22%2C%22tid%22%3A%2281c7e8ee-225e-497e-9730-d1f6ef197791%22%2C%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23bnr_atf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%2C%7B%22id%22%3A%222053b1357cd2c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341940%22%2C%22tid%22%3A%224f417b82-0446-42bd-9602-c63136d73d13%22%2C%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23rect_atf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%2C%7B%22id%22%3A%22227f7bad0ab42bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341941%22%2C%22tid%22%3A%223bc710d4-0d93-45da-9d98-194f66e7b744%22%2C%22gpid%22%3A%22CNNi%2Fbusiness%2Fleaf%23rect_btf_01%22%7D%2C%22native%22%3A%7B%22request%22%3A%22%7B%5C%22ver%5C%22%3A%5C%221.2%5C%22%2C%5C%22assets%5C%22%3A%5B%7B%5C%22id%5C%22%3A0%2C%5C%22required%5C%22%3A1%2C%5C%22title%5C%22%3A%7B%5C%22len%5C%22%3A80%7D%7D%2C%7B%5C%22id%5C%22%3A1%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A2%7D%7D%2C%7B%5C%22id%5C%22%3A2%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A3%2C%5C%22wmin%5C%22%3A300%2C%5C%22hmin%5C%22%3A225%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%224%3A3%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A3%2C%5C%22required%5C%22%3A1%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A1%7D%7D%2C%7B%5C%22id%5C%22%3A4%2C%5C%22required%5C%22%3A1%2C%5C%22img%5C%22%3A%7B%5C%22type%5C%22%3A1%2C%5C%22wmin%5C%22%3A15%2C%5C%22hmin%5C%22%3A15%2C%5C%22ext%5C%22%3A%7B%5C%22aspectratios%5C%22%3A%5B%5C%221%3A1%5C%22%5D%7D%7D%7D%2C%7B%5C%22id%5C%22%3A5%2C%5C%22required%5C%22%3A0%2C%5C%22data%5C%22%3A%7B%5C%22type%5C%22%3A12%7D%7D%5D%2C%5C%22eventtrackers%5C%22%3A%5B%7B%5C%22event%5C%22%3A1%2C%5C%22methods%5C%22%3A%5B1%2C2%5D%7D%5D%2C%5C%22privacy%5C%22%3A1%7D%22%2C%22ver%22%3A%221.2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22b651476b-1c03-43cd-92f0-c6f4946c7278%22%7D%7D
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddac113f71795052d78dcf325c7c651880f4088fa92177de1374fc348d036ab7

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV501L6KQixmZ5Q0oe5zJK945ANDjbxUI7k4QoG6Rc3rvIfidCkKuruwimfG6IIFIc%2BVElPwIERHWccnuhFfxtu6LyFWKfTANgDCrEy4Ji8y5GOTVKuj5GRh1BWGZ0sU5Ih85lPa"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7837beb45928aafb-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
804 B 866ms
281ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=215622&zone_id=1060940&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&tk_flint=pbjs_lite_v7.23.0-pre&x_source.tid=81c7e8ee-225e-497e-9730-d1f6ef197791&l_pb_bid_id=24fb0c73e33859f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNNi%2Fbusiness%2Fleaf%23bnr_atf_01&slots=1&rand=0.774487037595087
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0fc8af2c27a72f9bb8023f643f2779c7c99fc9446ac44d8a251ae7a3c3d6a82d

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
575 B 926ms
341ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=215622&zone_id=1060940&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&tk_flint=pbjs_lite_v7.23.0-pre&x_source.tid=4f417b82-0446-42bd-9602-c63136d73d13&l_pb_bid_id=25f0ec1afc17b22&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNNi%2Fbusiness%2Fleaf%23rect_atf_01&slots=1&rand=0.017037389896948696
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c2268cfb3c41382c1ac0b2146062110bc38c664467eca0f11dfc3c1eb8423937

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
575 B 876ms
292ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11016&site_id=215622&zone_id=1060942&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&tk_flint=pbjs_lite_v7.23.0-pre&x_source.tid=3bc710d4-0d93-45da-9d98-194f66e7b744&l_pb_bid_id=265e8aeeaad504f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=CNNi%2Fbusiness%2Fleaf%23rect_btf_01&slots=1&rand=0.9377750391324806
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 15b0f33a8fb6f8bdfec130d16da75f74c347d335b2e69ba5b0fbfc4423942557

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 945ms
312ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://edition.cnn.com
date: Tue, 03 Jan 2023 00:51:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 1144ms
380ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c5e80a271708907f579f8daea76cf223abef8b28d90ad8fe24b89e670f5ef4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://edition.cnn.com
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 f3b6d00d-676f-48d8-80ef-2b48af61105e Show response
consumer.krxd.net/consent/get/ 223 B
425 B 240ms
240ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/f3b6d00d-676f-48d8-80ef-2b48af61105e?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00309d431a2fea0063b232b4986e3dcc664e1f7fc5b2d16b3e3356394370edc1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: consumer-a003-pdx-prod.krxd.net, cache-syd10153-SYD
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1672707076.642185,VS0,VE142
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 186
x-cache-hits: 0, 1

GET
H2 200 tefghq6ia.js Show response
cdn.krxd.net/controltag/ Frame 1F97 35 KB
8 KB 104ms
104ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tefghq6ia.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3af5460ab518e05cac5955fe2f639bfdae0250a03d38541656ce0318b1096011

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 678
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7961
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000072-IAD, cache-syd10162-SYD
x-response-time: 1
x-do-esi: esi
x-timer: S1672707075.135061,VS0,VE4
etag: "6f4b0e5a126ee75ab71c985ffbbd799f00f09cc1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 42, 1

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 1016 B
1 KB 705ms
225ms XHR
application/json 13.251.90.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=925660&slot=%7Bid:ad_bnr_atf_01,ss:%5B1.1,1.2,320.50,728.90,970.66,970.90,970.250,1.1%5D,p:/8663477/CNNi/business/leaf,t:display%7D&slot=%7Bid:ad_rect_atf_01,ss:%5B1.2,2.2,300.250,300.600,300.850,300.1050,1.1%5D,p:/8663477/CNNi/business/leaf,t:display%7D&slot=%7Bid:ad_rect_btf_01,ss:%5B1.2,300.250,300.251,300.600,300.601,1.1%5D,p:/8663477/CNNi/business/leaf,t:display%7D&slot=%7Bid:ad_nat_btf_01,ss:%5B1.1,1.2,1.1%5D,p:/8663477/CNNi/business/leaf,t:display%7D&slot=%7Bid:ad_ns_atf_01,ss:%5B200.60%5D,p:/8663477/CNNi/business/leaf,t:display%7D&slot=%7Bid:ad_out_vid_01,ss:%5B1.1,320.180,640.360%5D,p:/8663477/CNNi/business/leaf,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=53e3354a-8fd8-668a-332a-46b1cd6349d8&url=https%253A%252F%252Fedition.cnn.com%252F2022%252F12%252F29%252Fbusiness%252Fjeffrey-epstein-jpmorgan-virgin-islands%252Findex.html
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 77e1e2c8881f4475744ca12147f929cb6dabf758b6764ad39abc21464d68f8f6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
server: nginx
x-server-name: app04.sg.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://edition.cnn.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 dianomi-video.css
www.dianomi.com/css/ Frame A729 7 KB
2 KB 116ms
112ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/css/dianomi-video.css?v=20221212141024069

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de315c00c5eb5ad7ad78c165dc1461fc64c936fbe772a4ba78d1290fab5d9d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5595
cf-polished: origSize=8601
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 08 Dec 2022 16:53:55 GMT
server: cloudflare
etag: W/"2199-5ef53e1eec203"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 7837beb44d726a45-SYD
expires: Tue, 03 Jan 2023 04:51:15 GMT

GET
H2 200 10.css
www.dianomi.com/img/a/pss/2534/ Frame A729 4 KB
1 KB 114ms
110ms Stylesheet
text/css 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2534/10.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

506a63d2af90215be21cc036bd64c9844cf225a634effe873d120772c6c3ef7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 949219
cf-polished: origSize=5630
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 04:27:35 GMT
server: cloudflare
etag: W/"15fe-5ea6a3aaedad7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 7837beb44d756a45-SYD
expires: Thu, 02 Feb 2023 10:51:15 GMT

GET
H2 200 reporting-observer.js Show response
www.dianomi.com/js/contextfeed/ Frame A729 616 B
474 B 123ms
120ms Script
application/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/reporting-observer.js?v=20221212141024069

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f1314977484b794b14e55ddcf03fb39ca95b9c86213f1897c6a64dfffb00016

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 08 Dec 2022 16:53:55 GMT
server: cloudflare
etag: W/"268-5ef53e1ee1a08"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 7837beb44d766a45-SYD
expires: Tue, 03 Jan 2023 00:53:15 GMT

GET
H2 200 flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ Frame A729 45 KB
11 KB 655ms
224ms Stylesheet
text/css 13.33.33.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-3.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96234ac86729d6833b645cd2047bd81096a8abc561dbea4b3ceee35629200345

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 3PHBXpyMUtPrdNdVpqge4VvRfu7KsMDN
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 16:12:22 GMT
x-amz-cf-pop: SIN2-P1
age: 31144
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 13:15:43 GMT
server: AmazonS3
etag: W/"bf92134f112cf251798e0ba890768af1"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: HAYpW_Jq4RFPWzkjhBuRMlOW2A0V4cZQAF0tOQX_IOaL03CH-arPsw==

GET
H2 200 flowplayer.min.js Show response
cdn.flowplayer.com/releases/native/3/v3.4.1/ Frame A729 72 KB
24 KB 239ms
239ms Script
application/javascript 13.33.33.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-3.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6be23bbf284c6d5884a84a7ca3347075acf5c028f0cb7fcfe6a4b7354071df0a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: AYetg8AOqi.2BIlsvdUy1q0VvTRaIr9z
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
date: Mon, 02 Jan 2023 18:51:31 GMT
x-amz-cf-pop: SIN2-P1
age: 21585
x-cache: Hit from cloudfront
last-modified: Mon, 26 Sep 2022 17:58:44 GMT
server: AmazonS3
etag: W/"07e3da6c90c44ca3d032372837e4e582"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: K7-7v3LVTqhCKf-UmLYpmrjnGU5XvaOBhzNgrqFU984ClBuxxJmbew==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A729 372 KB
125 KB 573ms
191ms Script
text/javascript 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

sffe /

Resource Hash

72e1fa934e93ff92e04edc940282b3f3c14bf6d8662e563bb94814bca654ce55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:16 GMT

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ Frame 1F97 259 KB
83 KB 98ms
97ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tefghq6ia.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1069105
age: 7813641
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-syd10162-SYD
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1672707075.243490,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame B44A 4 KB
1 KB 421ms
418ms Script
text/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x9FD7E9F5BF4B4A93A51512D541FD2378&third_party_tracking=1&consent_string=&smartad_id=10328&partner_id=1759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b69b54557f095422af577d1b4e5a7557cda636c3e10ebae9c1ca80fc5c3e37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7837beb46db76a45-SYD

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame 52B9 4 KB
1 KB 419ms
417ms Script
text/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC71B9D5922244A9D866CD3703144FD80&third_party_tracking=1&consent_string=&smartad_id=7237&partner_id=1759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c9d073a4c615b659c2aec1ad91760fd9ce2a9079ff4ef8424237401027dc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7837beb46db96a45-SYD

GET
H2 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v14/ Frame 52B9 21 KB
22 KB 573ms
190ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v14/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4111fd22c33853faea503ad59f721eb23f99393cb4b5cd380f7ebc7bf14f7e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 13:48:09 GMT
x-content-type-options: nosniff
age: 471786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21952
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:15:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 13:48:09 GMT

GET
H2 200 wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v14/ Frame 52B9 21 KB
21 KB 762ms
380ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v14/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9302cb5aec72de2f2ff0c475fd3b1518cca263f808bbbf63757c5812b5f8f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 09:43:00 GMT
x-content-type-options: nosniff
age: 486495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21308
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:14:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 09:43:00 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame 94AD 4 KB
2 KB 407ms
406ms Script
text/javascript 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xE803229B62BD4169BD96AD4A3B711A30&third_party_tracking=1&consent_string=&smartad_id=7244&partner_id=1759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94c4da0be9b308a3eee98905bbc57ae17f533ba420a1b91b98e3db7c17d56728

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
via: 1.1 google
server: cloudflare
cf-cache-status: DYNAMIC
content-encoding: br
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7837beb47dbf6a45-SYD

GET
H2 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v14/ Frame 94AD 22 KB
22 KB 908ms
529ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v14/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRf36y_B2sl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530fab1d3576bb471c5e7334662ab75eb73aa7f80efcd26e56d70c3b45e383d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 23:07:03 GMT
x-content-type-options: nosniff
age: 438252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:14:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 23:07:03 GMT

GET
H2 200 wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v14/ Frame 94AD 21 KB
21 KB 834ms
455ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v14/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9302cb5aec72de2f2ff0c475fd3b1518cca263f808bbbf63757c5812b5f8f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dianomi.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 09:43:00 GMT
x-content-type-options: nosniff
age: 486495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21308
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:14:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 09:43:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
931 B 304ms
103ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2606298
x-guploader-uploadid: ADPycdtFHX0TTT7JUlf345IZI-YuHAtHGOhcuV2iYiEohv2Rz_3_r_owODrakMHFU2MZrKa01A0dhkk_TjrXv-C2Uuss3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV8PQGgFettJCfh7wehFPR%2F3afuYk6nFx1J%2BqHAJgJuUNsGY2e%2BkpoSqgC%2BRlf0at49V%2BB%2FVIqcURKXOjWDYWFVUKmksbZ64znd%2BAyu1bkZrv%2B3XP37t9uHvje95TPsdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7837bebab911aacc-SYD
expires: Sat, 03 Dec 2022 21:16:32 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 577ms
191ms Image
image/x-icon 142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 09:25:11 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
324 B 151ms
104ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7519919833749789
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2606298
x-guploader-uploadid: ADPycdtFHX0TTT7JUlf345IZI-YuHAtHGOhcuV2iYiEohv2Rz_3_r_owODrakMHFU2MZrKa01A0dhkk_TjrXv-C2Uuss3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggfhrpf39K7GuKn8hk6llYyGUSe1Vd51NyQv%2FaxxSytpPO94hjXR0KNZeQ6QIVe1jUJyBjxTALV2zb%2Fvd0qA22PTDQam7vw2JDTQWEieBEPdcLnhY0SvZ5pGkCcMR08ZBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7837bebac913aacc-SYD
expires: Sat, 03 Dec 2022 21:16:32 GMT

GET
H2 200 s07153572749932
smetrics.cnn.com/b/ss/aolturnercnnmoney-2010/1/JS-2.17.0-LCXS/ 43 B
320 B 200ms
199ms Image
image/gif 63.140.48.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.cnn.com/b/ss/aolturnercnnmoney-2010/1/JS-2.17.0-LCXS/s07153572749932?AQB=1&ndh=1&pf=1&t=3%2F0%2F2023%200%3A51%3A15%202%200&mid=91625621524452046010674888867063744818&aamlh=9&ce=UTF-8&ns=cnn&pageName=mny%3Ao%3Aedition%3A%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2F&g=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&c.&cm.&ssf=1&.cm&.c&cc=USD&ch=business&server=edition.cnn.com&events=event26&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=business&v1=D%3Dc1&c2=business&v2=D%3Dc2&l2=&c3=virgin%20islands%20attorney%20general%20sues%20jpmorgan%20chase%20over%20banking%20services%20for%20jeffrey%20epstein%20%7C%20cnn%20business&v3=D%3Dc3&c5=CNNMONEY&v5=D%3Dc5&c6=2022%2F12%2F29%7C2022%2F12%2F29&v6=D%3Dc6&c7=andy%20rose&v7=D%3Dc7&v12=0%3D1578%2C1%3D2888%2C2%3D2957%2C3%3D1740%2C4%3D8263%2C5%3D1035%2C6%3D0856%2C7%3D2924%2C8%3D2099%2C9%3D4527%2C10%3D2705%2C11%3D8966%2C12%3D8140%2C13%3D7844%2C14%3D5664%2C15%3D4072%2C16%3D9960%2C17%3D4746%2C18%3D8241%2C19%3D6543&c23=international&v23=D%3Dc23&c26=edition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2F&v26=D%3DpageName&v27=D%3Dch&c28=business%3A&v28=D%3Dc28&v29=D%3Dserver&c30=cnnmoney&v30=D%3Dc30&c32=adbp%3Aarticle_leaf&v32=D%3Dc32&c33=adbp%3Anone&v33=D%3Dc33&c35=launch.cnnbiz.prod.68.20221214&v35=D%3Dc35&c44=article_34813aeb-28b3-c3b8-f62b-5d9bfd435525&v44=business&c46=16727070738061421207478398&v46=D%3Dc46&c48=no%20topics&v48=stellar2.0&v49=archive.cms.cnn.com%2F_pages%2Fh_70df9c63e19a933f1b0ee6efefa68134%40published&c51=business%3A%3A&v51=anonymous&c56=general%20news&v56=D%3Dc56&v61=virgin%20islands%20attorney%20general%20sues%20jpmorgan%20chase%20over%20banking%20services%20for%20jeffrey%20epstein&v89=not%20logged%20in&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=7FF852E2556756057F000101%40AdobeOrg&AQE=1

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 04 Jan 2023 00:51:15 GMT
server: jag
etag: 3592111092167540736-4619788981989254252
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02 Jan 2023 00:51:15 GMT

GET
H2 200 f3b6d00d-676f-48d8-80ef-2b48af61105e Show response
consumer.krxd.net/consent/get/ Frame 1F97 223 B
263 B 484ms
282ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/f3b6d00d-676f-48d8-80ef-2b48af61105e?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00309d431a2fea0063b232b4986e3dcc664e1f7fc5b2d16b3e3356394370edc1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: consumer-a003-pdx-prod.krxd.net, cache-syd10153-SYD
date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1672707076.600804,VS0,VE184
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 186
x-cache-hits: 0, 0

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 493ms
293ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 494ms
292ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edition.cnn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 Jan 2023 00:51:15 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 480F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

281 B
410 B

255ms
248ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by: Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xE803229B62BD4169BD96AD4A3B711A30&third_party_tracking=1&consent_string=&smartad_id=7244&partner_id=1759
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:16 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 03 Jan 2023 00:51:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server: AkamaiGHost

GET
H2 200 pixel Show response
data.dianomi.com/frontend/ Frame 94AD 0
44 B 400ms
393ms XHR
text/plain 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fedition.cnn.com%2F&can_programmatic=1&geo_country=9&smartad_variant_id=9633&device_type=computer&organization=netprotect&magnite_site_id=397002&referer=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&geo_state=new%20south%20wales&publisher_id=1759&adgroup_ids=120021%2C117246%2C110825%2C111398%2C105667%2C114524&impression_id=Y7N8AR4eup8gxOQkc03FqwAAABs&adgroup_variant_ids=282470%2C276979%2C266046%2C266931%2C281432%2C271996&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=7244

Requested by

Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xE803229B62BD4169BD96AD4A3B711A30&third_party_tracking=1&consent_string=&smartad_id=7244&partner_id=1759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837beb7184d6a45-SYD
access-control-allow-headers: dianomi-force-dmp

GET
H3

404

liveramp.com
pippio.com/api/sync/ Frame 94AD
Redirect Chain

https://idsync.rlcdn.com/425276.gif?partner_uid=fdf5525eb1171db0254a1c60efa7bb24
https://idsync.rlcdn.com/1000.gif?memo=CLz6GRIsCigIARDX7wEaIGZkZjU1MjVlYjExNzFkYjAyNTRhMWM2MGVmYTdiYjI0EAAaDQiD-M2dBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=363d3e65a44d7940eac3f19bcb900be1e2707000be92f187b890756a2fe7cfd2791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzNjNkM2U2NWE0NGQ3OTQwZWFjM2YxOWJjYjkwMGJlMWUyNzA3MDAwYmU5MmYxODdiODkwNzU2YTJmZTdjZmQyNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzNjNkM2U2NWE0NGQ3OTQwZWFjM2YxOWJjYjkwMGJlMWUyNzA3MDAwYmU5MmYxODdiODkwNzU2YTJmZTdjZmQyNzkxNDI2YjU0MTdkY2UyMRAAGgwIhfjNnQYSBAgCEABCAEoA&goog...
https://pippio.com/api/sync/liveramp.com

0
0

268ms
268ms

Image
text/plain

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync/liveramp.com
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=7244&numAds=6&cf=1759.633.CNNinltrhnew&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7244-Y7N8ATvNHbWhdA7Hrap6ZgAAACM9
Protocol: H3
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: liveramp.com
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

bidswitch
data.dianomi.com/frontend/ Frame 94AD
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

68 B
165 B

399ms
397ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Requested by

Protocol

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837bec11abc6a45-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Location: https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0
Date: Tue, 03 Jan 2023 00:51:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

bidswitch
data.dianomi.com/frontend/ Frame 52B9
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

68 B
333 B

397ms
396ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Requested by

Protocol

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837bec11abd6a45-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Location: https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0
Date: Tue, 03 Jan 2023 00:51:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame DFC2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

281 B
410 B

254ms
247ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by: Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC71B9D5922244A9D866CD3703144FD80&third_party_tracking=1&consent_string=&smartad_id=7237&partner_id=1759
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:16 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 03 Jan 2023 00:51:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server: AkamaiGHost

GET
H2 200 pixel Show response
data.dianomi.com/frontend/ Frame 52B9 0
44 B 400ms
396ms XHR
text/plain 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fedition.cnn.com%2F&can_programmatic=1&geo_country=9&smartad_variant_id=9626&device_type=computer&organization=netprotect&magnite_site_id=397002&referer=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&geo_state=new%20south%20wales&publisher_id=1759&adgroup_ids=82470%2C120021%2C119793&impression_id=Y7N8AeUTNBrYz2oBTOEZigAAACE&adgroup_variant_ids=199342%2C282470%2C281595&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=7237

Requested by

Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC71B9D5922244A9D866CD3703144FD80&third_party_tracking=1&consent_string=&smartad_id=7237&partner_id=1759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837beb7184e6a45-SYD
access-control-allow-headers: dianomi-force-dmp

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame 52B9
Redirect Chain

https://idsync.rlcdn.com/425276.gif?partner_uid=4a9c879306eb72b03c42b9587382efe7
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=fe6b8b55-8a85-4be3-8cbe-2e5b3178c732

42 B
60 B

275ms
275ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=fe6b8b55-8a85-4be3-8cbe-2e5b3178c732
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=7237&numAds=3&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-7237-Y7N8AYsi75GRi1DALLdAnwAAAD80
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=fe6b8b55-8a85-4be3-8cbe-2e5b3178c732
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

bidswitch
data.dianomi.com/frontend/ Frame B44A
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

68 B
131 B

401ms
400ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0

Requested by

Protocol

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837bec11abf6a45-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Location: https://data.dianomi.com/frontend/bidswitch?uid=d3d875d8-4851-4570-b0ce-32e5766f697e&cookie_age=0
Date: Tue, 03 Jan 2023 00:51:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame A766
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

281 B
410 B

254ms
249ms

Document
text/html

23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Requested by: Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x9FD7E9F5BF4B4A93A51512D541FD2378&third_party_tracking=1&consent_string=&smartad_id=10328&partner_id=1759
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:16 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 03 Jan 2023 00:51:16 GMT
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
server: AkamaiGHost

GET
H2 200 pixel Show response
data.dianomi.com/frontend/ Frame B44A 0
112 B 395ms
392ms XHR
text/plain 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fedition.cnn.com%2F&can_programmatic=1&geo_country=9&smartad_variant_id=12885&device_type=computer&organization=netprotect&magnite_site_id=397002&referer=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&geo_state=new%20south%20wales&publisher_id=1759&adgroup_ids=&impression_id=Y7N8AUcQWtk0PZkEh-lv8AAAADE&adgroup_variant_ids=&geo_ccod=au&geo_dma=&hosting_facility=0&include_rtb=0&smartad_id=10328

Requested by

Host: data.dianomi.com
URL: https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x9FD7E9F5BF4B4A93A51512D541FD2378&third_party_tracking=1&consent_string=&smartad_id=10328&partner_id=1759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837beb718506a45-SYD
access-control-allow-headers: dianomi-force-dmp

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame B44A
Redirect Chain

https://idsync.rlcdn.com/425276.gif?partner_uid=7a484648117a4395a84edd714d85b85d
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIhPjNnQYSBAgCEABCAEoA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIhPjNnQYSBAgCEABCAEoA&google_error=3
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=dd154850-7b6e-4045-90c5-3e46181c389d

42 B
60 B

275ms
275ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=dd154850-7b6e-4045-90c5-3e46181c389d
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=10328&numAds=1&cf=1759.524.cnninlt&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&unitId=dianomi-10328-Y7N8AYsi75GRi1DALLdAnwAAAD81
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=dd154850-7b6e-4045-90c5-3e46181c389d
date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1F97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UFM2dW9GcGU
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UFM2dW9GcGU&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEBCX1t-HhxzBcEjx5IpM6xI&google_cver=1

0
337 B

274ms
274ms

Image
text/plain

52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEBCX1t-HhxzBcEjx5IpM6xI&google_cver=1
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n002-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1672707077
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEBCX1t-HhxzBcEjx5IpM6xI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 1F97 42 B
297 B 277ms
276ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 26357
stags.bluekai.com/site/ Frame 1F97 62 B
428 B 779ms
373ms Image
image/gif 23.8.97.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/26357?id=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.8.97.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-8-97-76.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 03 Jan 2023 00:51:16 GMT
content-length: 62
content-type: image/gif

GET
H2 204 load
loadm.exelator.com/ Frame 1F97 0
324 B 815ms
263ms Image
text/plain 54.150.10.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=PS6uoFpe&p=204&g=270&j=0
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.10.110 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-10-110.ap-northeast-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

204

9
sync.search.spotxchange.com/audience_sync/ Frame 1F97
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=spotx
https://sync.search.spotxchange.com/audience_sync/9?uid=PS6uoFpe

0
505 B

198ms
197ms

Image
text/plain

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/audience_sync/9?uid=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Server: 103.71.26.125 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 00:51:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 45
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://sync.search.spotxchange.com/audience_sync/9?uid=PS6uoFpe
date: Tue, 03 Jan 2023 00:51:16 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1F97
Redirect Chain

https://bea4.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dfreewheel%26partner_uid%3D%23%7Buser.id%7D
https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=w82c8_7184222182913424031

0
338 B

859ms
279ms

Image
text/plain

52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=w82c8_7184222182913424031
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n010-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1672707076
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:16 GMT
Content-Type: text/html
Location: https://beacon.krxd.net/usermatch.gif?partner=freewheel&partner_uid=w82c8_7184222182913424031
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1F97
Redirect Chain

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PS6uoFpe
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PS6uoFpe
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlF3UFpPaGRWanlCTUI3VFlEcmFtSHhtM1p4elFXYVc3WWF3X3hPSkJ4VWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEBSfsPvANyo5fWMKIjaWNo0&google_cver=1
https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://ps.eyeota.net/match?uid=8906080515655609534&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://ps.eyeota.net/match?bid=9sn4omv&uid=c7Dw6d8D1Pcvwq5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=8148565974731273334&newuser=1&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=7625981f-53e3-4e76-986a-4c6debaf17a1&bid=1e2n4ou

70 B
440 B

204ms
204ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=7625981f-53e3-4e76-986a-4c6debaf17a1&bid=1e2n4ou
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Server: 54.251.140.206 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:20 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=7625981f-53e3-4e76-986a-4c6debaf17a1&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1F97
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8906080515655609534

0
337 B

875ms
280ms

Image
text/plain

52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=8906080515655609534
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n014-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1672707076
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Tue, 03 Jan 2023 00:51:16 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 523cffcb-a423-4a3e-8972-111c864bb71d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=8906080515655609534
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK mapuid
ib.adnxs.com/ Frame 1F97 43 B
1 KB 390ms
237ms Image
image/gif 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/mapuid?member=1780&user=PS6uoFpe

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:16 GMT
AN-X-Request-Uuid: 0e8bff2d-2bfa-40cb-a126-53d4a1eef875
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 1F97 31 KB
11 KB 299ms
98ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?302023
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:15:36 GMT
content-encoding: br
age: 2140
x-guploader-uploadid: ADPycdvZr_JlNNp7b-ktgDXLKsEbD8Whq0N-JAvyE6Pt5iB0Uq1F51_JvrbiG6ztOzdDhZgV1MiVjwztcIkZeiFTu73SxIohqVio
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10465
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: SYD-85eb07e
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 1F97 0
447 B 785ms
195ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
sync.navdmp.com/ Frame 1F97
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=PS6uoFpe

6 B
133 B

667ms
464ms

Image
application/javascript

104.16.12.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 104.16.12.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7837bec0fc3caac4-SYD
content-length: 6
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=PS6uoFpe
date: Tue, 03 Jan 2023 00:51:16 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a019-ash-prod.krxd.net

GET
H2

200

RX-a8552f0b-08e4-44ca-8aed-38a4655f0607-004
sync.targeting.unrulymedia.com/csync/ Frame 1F97
Redirect Chain

https://sync.1rx.io/usersync/krux/PS6uoFpe?dspret=1
https://sync.1rx.io/usersync/krux/PS6uoFpe?zcc=1&cb=1672707076774
https://sync.targeting.unrulymedia.com/csync/RX-a8552f0b-08e4-44ca-8aed-38a4655f0607-004

43 B
378 B

577ms
191ms

Image
image/gif

74.118.186.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-a8552f0b-08e4-44ca-8aed-38a4655f0607-004
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 74.118.186.45 , Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-a8552f0b-08e4-44ca-8aed-38a4655f0607-004
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame 1F97 0
0

GET
H2

200

tpid=PS6uoFpe
sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/ Frame 1F97
Redirect Chain

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PS6uoFpe
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PS6uoFpe

49 B
543 B

205ms
205ms

Image
image/gif

54.169.2.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 54.169.2.85 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-2-85.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.18.13
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PS6uoFpe
cache-control: no-cache
x-server: 10.42.16.75
content-length: 0
expires: 0

GET
H/1.1 200
OK pxj
ib.adnxs.com/ Frame 1F97 43 B
890 B 245ms
244ms Image
image/gif 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=140&seg=381342&action=setuid(%27PS6uoFpe%27)&bust=1672707076

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:16 GMT
AN-X-Request-Uuid: 51e7d806-8ae3-4472-9eda-fad95307e45d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1F97
Redirect Chain

https://sync.im-apps.net/imid/redirect?cid=1000751&tid=sfid
https://beacon.krxd.net/usermatch.gif?partner=intimatemerger&partner_uid=uZODeAiVQFWUgLSPY9ZR0w

0
337 B

274ms
274ms

Image
text/plain

52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=intimatemerger&partner_uid=uZODeAiVQFWUgLSPY9ZR0w
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n017-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1672707077
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=intimatemerger&partner_uid=uZODeAiVQFWUgLSPY9ZR0w
Date: Tue, 03 Jan 2023 00:51:17 GMT
Cache-Control: private, max-age=3000
Connection: keep-alive
Content-Length: 0

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame 1F97
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adara
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=PS6uoFpe
https://tag.yieldoptimizer.com/ps/ps?tc=291280564&t=s&p=2818&uid=PS6uoFpe

162 B
162 B

391ms
192ms

Image
text/javascript

35.190.20.9
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=291280564&t=s&p=2818&uid=PS6uoFpe
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H3
Server: 35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.20.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=291280564&t=s&p=2818&uid=PS6uoFpe
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET dmp_uid
collector.effectivemeasure.net/sync_webhook/salesforce/ Frame 1F97 0
0

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 74E9
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

325 B
1 KB

351ms
350ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

f9b5efad6229c66c898c766813b8257ebc95b8ef9899e2ca8f063d7a94fd9bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 325
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 03 Jan 2023 00:51:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: WR75W4BJBH1MTR727SKY

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 03 Jan 2023 00:51:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 91X3558F10VD36RB7PS5

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 586ms
193ms Script
application/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=edition.cnn.com

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 577ms
193ms Script
application/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=edition.cnn.com

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 134 KB
23 KB 565ms
565ms XHR
text/plain 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1983139644857659&correlator=3799732343039318&eid=31071093%2C31071256&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8663477%2CCNNi%2Cbusiness%2Cleaf&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C970x250%7C970x90%7C970x66%7C728x90%7C1x2%7C1x1%2C320x50%7C300x1050%7C300x850%7C300x600%7C300x250%7C1x2%2C320x50%7C300x601%7C300x600%7C300x251%7C300x250%7C1x2%2C320x50%7C1x2%7C1x1%2C200x60%2C640x360%7C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=1835644374%2C3953840843%2C3503370927%2C1657970319%2C2797156910%2C2479049009&didk=998842919~3084472110~2751159218~1728207678~3451467994~2276852663&sfv=1-0-40&prev_scp=pos%3Dbnr_atf_01%26amznbid%3D2%26amznp%3D2%26id%3Dba19ff6f-8b00-11ed-963d-0264d93e907e%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznsz%3D0x0%7Cpos%3Drect_atf_01%26amznbid%3D2%26amznp%3D2%26id%3Dba19ff70-8b00-11ed-963d-0264d93e907e%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznsz%3D0x0%7Cpos%3Drect_btf_01%26amznbid%3D2%26amznp%3D2%26id%3Dba19ff71-8b00-11ed-963d-0264d93e907e%26vw%3D40%2C50%26amzniid%3D%26amznsz%3D0x0%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.15%26hb_adid_appnexus%3D3191982c6601cc3%26hb_bidder_appnexus%3Dappnexus%7Cpos%3Dnat_btf_01%26id%3Dba19ff72-8b00-11ed-963d-0264d93e907e%7Cpos%3Dns_atf_01%26id%3Dba19ff73-8b00-11ed-963d-0264d93e907e%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cpos%3Dout_vid_01%26id%3Dba19ff74-8b00-11ed-963d-0264d93e907e&eri=1&cust_params=wm_vw%3Dstlr%26transId%3D16727070758542796051403516%26prx_to%3D1%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_581_KW%252CIAS_1506123_PG%252CIAS_7342_KW%252CIAS_66_KW%252CIAS_1500690_PG%252CIAS_3469_KW%252CIAS_1507080_PG%252CIAS_1230_KW%252CIAS_1199_KW%252CIAS_7294_KW%252CIAS_9499_KW%252CIAS_18895_1753_KW%252CIAS_4836_KW%252CIAS_7045_KW%252CIAS_809_KW%252CIAS_1507654_PG%252CIAS_1507653_PG%252CIAS_1508285_PG%252CIAS_5445_KW%26hbg%3DEU%26ksg%3D%26source_id%3Darticle_34813AEB-28B3-C3B8-F62B-5D9BFD435525%26short_source_id%3Dar_34813AEB-28B3-C3B8-F62B-5D9BFD435525%26cdpfl%3Dhhfff-lrfff%26wmsegs%3D%26guid%3D63b37c020cbd630a3f8e290013316679%26protocol%3Dssl%26refdom%3Dother%26spec%3D%26pg%3Darticle_leaf&sc=1&cookie_enabled=1&abxe=1&dt=1672707076035&lmt=1672707076&dlt=1672707070461&idt=4243&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&frm=20&vis=1&psz=1600x-1%7C336x4%7C336x4%7C0x0%7C0x0%7C0x0&msz=0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C644%2C644%2C132%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=63431388.1672707076&ga_sid=1672707076&ga_hid=1234525168&ga_fc=false&cbidsp=CsEBCAESEwoMc2hhcmV0aHJvdWdoELsGIAISEwoMc2hhcmV0aHJvdWdoELsGIAISDwoIYXBwbmV4dXMQ3QQgAhINCgZjcml0ZW8Q3AcgAhIJCgJpeBChBCACEgkKAml4EKEEIAISCQoCaXgQoQQgAhIOCgdydWJpY29uEKMHIAISDwoIcHVibWF0aWMQtgcgAhgCIiQ4MWM3ZThlZS0yMjVlLTQ5N2UtOTczMC1kMWY2ZWYxOTc3OTEqBAgDIABKAED-CA..~CqsBCAESEwoMc2hhcmV0aHJvdWdoELsGIAISEwoMc2hhcmV0aHJvdWdoELsGIAISDwoIYXBwbmV4dXMQ3QQgAhINCgZjcml0ZW8Q3AcgAhIJCgJpeBChBCACEg4KB3J1Ymljb24QowcgAhIPCghwdWJtYXRpYxC2ByACGAIiJDRmNDE3YjgyLTA0NDYtNDJiZC05NjAyLWM2MzEzNmQ3M2QxMyoECAMgAEoAQP4I~Cs4CCAESEwoMc2hhcmV0aHJvdWdoELsGIAISEwoMc2hhcmV0aHJvdWdoELsGIAISpgEKCGFwcG5leHVzENsEGpQBCg8zMTkxOTgyYzY2MDFjYzMQrakJGgNVU0QiEmhiX2JpZGRlcl9hcHBuZXh1cyIQaGJfYWRpZF9hcHBuZXh1cyIOaGJfcGJfYXBwbmV4dXMiEGhiX3NpemVfYXBwbmV4dXMiEmhiX3NvdXJjZV9hcHBuZXh1cyISaGJfZm9ybWF0X2FwcG5leHVzKAE6BgisAhDYBCABEg0KBmNyaXRlbxDcByACEgkKAml4EKEEIAISCQoCaXgQoQQgAhIOCgdydWJpY29uEKMHIAISDwoIcHVibWF0aWMQtgcgAhgCIiQzYmM3MTBkNC0wZDkzLTQ1ZGEtOWQ5OC0xOTRmNjZlN2I3NDQqBAgDIABKAED-CA..~~~

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

cafe /

Resource Hash

5bde06f5992f3fb6be2a177208d5ffa2ef7a71468edc3188619c4e8a549c1653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23344
x-xss-protection: 0
google-lineitem-id: 6181062696,6181062696,4941921533,-2,-2,6059072529
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138417680837,138417680834,138258660467,-2,-2,138397584362
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edition.cnn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
510c3175b65350249b6687330b9e84ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B66C 6 KB
3 KB 582ms
191ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://510c3175b65350249b6687330b9e84ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 00:51:16 GMT
expires: Wed, 03 Jan 2024 00:51:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 137 B
452 B 1345ms
342ms XHR
application/json 23.22.46.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiMWQ1ZTcwNDAtZTU1Yi00YmYxLWIxNjUtNjRkZjcwNTY5NmIzOjE2NzI3MDcwNzMuNzIxNTA2OCJ9fQ%3D%3D&site_id=cnn
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.46.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-46-186.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50d075ff162fd4b9df3cc80339d9764eac4415a7875050eb48f3702809b74402

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 00:51:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 137

GET
H3 200 ui Show response
registry.api.cnn.io/bundles/fave/ui-e1c2b922/ 429 KB
120 KB 98ms
98ms Script
application/javascript 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://registry.api.cnn.io/bundles/fave/ui-e1c2b922/ui
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa18840f88fd0b61330f628cc89e2252d99af01ce97676c14e1c18ebfb98294

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: Y0M98MCJXES8EDFG
age: 1203
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 122443
x-amz-id-2: TsuhUAP5ow3P/2+S9BhomAvwlpGf8gKnQycqdCvCK77KyRpwp2e/9L0E2RIxx2UHkFozx6lHYO0=
x-served-by: cache-iad-kiad7000084-IAD, cache-syd10180-SYD
last-modified: Tue, 20 Dec 2022 18:08:19 GMT
server: AmazonS3
x-timer: S1672707076.208980,VS0,VE0
vary: origin,accept-encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 199, 4

GET
H2 200 video Show response
fave.api.cnn.io/v1/ 4 KB
2 KB 336ms
99ms XHR
application/json 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fave.api.cnn.io/v1/video?id=business/2021/11/01/barclays-ceo-jes-staley-jeffrey-epstein.cnnbusiness&customer=cnn&edition=domestic&env=prod
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 640ddb2f838627e96786a0e66900c7b84857bb0200667288457fde64789a752e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100146-IAD, cache-syd10178-SYD
date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3488
x-timer: S1672707076.478858,VS0,VE1
vary: origin,accept-encoding, Accept-Encoding
x-cache: HIT, HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60
accept-ranges: bytes
content-length: 1592
x-cache-hits: 13, 1

POST
H/1.1 200 963.json Show response
id5-sync.com/g/v2/ 461 B
1 KB 1157ms
387ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/963.json

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e6f6447ebd757fb43d0977a7a1d8be5f1e6b9a6e7c4a8986b174641df1ed5059

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://edition.cnn.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 933ms
309ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Jan 2023 00:51:17 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame 1F97 270 B
292 B 302ms
103ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Dtefghq6ia%26kxt%3Dhttps%253A%252F%252Fedition.cnn.com%26kxcl%3Dcdn%26kxp%3D&pv=1672707076223_5blfqclos&bl=en-us&cb=4539708&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DPS6uoFpe%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1672707076223_5blfqclos&cid=&s=1600x1200&rp=https%3A%2F%2Fedition.cnn.com%2F&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?302023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30856a03dcb2aab2a94d2e8dae6f2b7cd4a43400fd09188bd60926b1bd6480f0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:15 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
expires: 0

GET
H2 200 180511194112-barclays-ceo-staley.jpg
media.cnn.com/api/v1/images/stellar/prod/ 43 KB
43 KB 99ms
99ms Image
image/jpeg 151.101.195.5
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.cnn.com/api/v1/images/stellar/prod/180511194112-barclays-ceo-staley.jpg?q=x_0,y_156,h_1857,w_3300,c_crop/h_540,w_960
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.5 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 424a01412b98352c082f54895440661e2d0fecbd2d90a374c7b507b182d654db

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100178-IAD, cache-syd10156-SYD
date: Tue, 03 Jan 2023 00:51:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 42161
x-timer: S1672707077.589105,VS0,VE1
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-content-hub-dam: build-env=prod; unique-deployment-key=dam0002; build-version=v2.35.0; build-commit-hash=6d393567f
accept-ranges: bytes
content-length: 43790
x-cache-hits: 31, 1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1F97
Redirect Chain

https://ml314.com/csync.ashx?fp=PS6uoFpe&person_id=3632613727204802565&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3632613727204802565
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3632613727204802565

0
337 B

422ms
280ms

Image
text/plain

52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3632613727204802565
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n011-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=50 t=1672707076
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 03 Jan 2023 00:51:16 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3632613727204802565
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
expires: Tue, 03 Jan 2023 19:51:16 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame DFC2 34 KB
10 KB 247ms
247ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94a73b6b67576e687d6bbb8de62ab8901629628e398544c08e146331dd6d0720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 00:46:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=86118
content-length: 10067
expires: Wed, 04 Jan 2023 00:46:34 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 480F 34 KB
10 KB 276ms
276ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94a73b6b67576e687d6bbb8de62ab8901629628e398544c08e146331dd6d0720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 00:46:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=86118
content-length: 10067
expires: Wed, 04 Jan 2023 00:46:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC4D 0
0 195ms
194ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtse3jxS8CU1FzOA04z1t3qH-h4N9z0fcZOC0tSM0q0JndzOzJILSdy9YFd35v5gQCfgZ463WKCtV5zWyHFdCCVx6gwi0OGGBdfS3L-oFrKfq2CX2sKGBR33GcXO-9ndbU1hi8Ow9iVET4Wd_EGK11ufX8K-mwpl9_oes79rrm5xCrEwJwVWPYwGyn5EqzhZAoEENp74eFeetsa7-h_Gm2CiZtg65BfRNv-ny8OuJefq7RrKoxzN5GNvScUc4IzP99PdjR2ZVfH-Wg278B9t3sAxqlYYbIs_3dFNOb9WiZNnW_4U8C88u1Hb14UU2T76iFq_fbGV4XdgY6B3d78ld6kg&sai=AMfl-YQ6YISOsvR2uWQHq81v0CFlp-2UbSOueqx1CH_tBE3Yox0wdsr_P36THRvdhfvDHVrpd-DWi6MKwOWmtgZ8zHR6oFfreuoPhUAch0I_F1RM9McGluFl6bxJNRuZfu7J3-v1xVniXCRmXN5SJ3jZ75o&sig=Cg0ArKJSzIFBneo0gLJdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:16 GMT

GET
H2 200 61820499_03537e5f9f16f6f99dbed24e87c8af0a_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/61791623/ Frame DC4D 4 KB
2 KB 574ms
191ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/61791623/61820499_03537e5f9f16f6f99dbed24e87c8af0a_creative_def.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e4d5d7caa8528568907eb96ff61017c5c1c988c0c83eaa8386d7e14c7ffcaf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 11:04:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:19 GMT

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame DC4D 183 KB
63 KB 924ms
542ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 22:12:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC4D 153 KB
47 KB 576ms
192ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 00:51:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07D3 0
0 195ms
194ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUPJP4tZwMOEsya45ylzXrh9iP84sMX-ivL2lqK7ROIYZL5CtWgFPBy66_VIEbME2pONDC9v7gjCklintgSJCvyg__kDKHjyAQjSrESfAp1O208dxWvZMySLf3vN2VFw3l5-XFg3XxQ7buY8A79iwZ3A8EFqfecpgyr7K7d0pzoW0334BerlJNswgSmtAN6U6vWlPZlqgkyS4mFLQsIylAuxsvz8GjFoz-t8P1DHVA9l4pZMVgY2C_Ztgwl2KNM4G4PrFmsiFe6wEul-TCxajrqycX7Q00_60KSwChzQZ4zCf2fcDW9r8njuiO-yUdPhyNuZDFRXCstRqm4dD2HCBe5A&sai=AMfl-YSB3rdcEy7i8fq7QNQGDtUE89yiV8nAqoRZ0OVufoEnstp3BeaBPr3apBjIt-eEaz4xpH7nhnrbqD_QysG0zbw-xoWOSowpW_UHjw1EFI5_41TzZ3hgxhXs335jcybTkoBqi9Wsk6TyiO4u5MQ7Bws&sig=Cg0ArKJSzOiEkVyz1HS1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:16 GMT

GET
H2 200 61817354_261eefeebc8da81a83844c219d37f881_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/61313748/ Frame 07D3 3 KB
1 KB 993ms
640ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/61313748/61817354_261eefeebc8da81a83844c219d37f881_creative_def.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7712f61946f8374cc243e2ba1e9116583bce398ba7982e87a7a56139ddbb05e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1314
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 11:03:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 09:28:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame 07D3 183 KB
63 KB 512ms
192ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 22:12:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07D3 153 KB
47 KB 982ms
628ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 00:51:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76B0 0
0 195ms
194ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSMfgd9jB66fty1sQXmx2vUfDNozArlcD5MQhagRcQtSwkZTIIa_mdj1nhx4oK7B1xOrlYlSPOBwaaAxfvNyXN7d3dIO6IKYINSJj4RVxG6fguqegGlUSC3LKjikhxXYam-UQ2q04INRD_iitQ2leizAQfOdkKDbYUh4u1m7m3ytD4CrKBaJvI_GWqZvgpQZq1XUzLfOMlILqw7T3wijKbzL2jFdYJmGDIhJjUKS5KdT9GssnCOSUhFUJcg1QFnD7AEXg7IQD05TTJw-MzwNT4c-93gJIB1NVNdQybYSe8HEDU4l1iMV-pzk-Eslqf4ZHORrU&sai=AMfl-YRqEc_h0h0NZXqCky3lVifD7ljJXBEbu5lVscoflDrgCUhAYHRFa7rvsQ-jjnbp-xl9Y9SnUG9RTh1RMhEwF-6CqvfUG965IdRcSoDSFyi7KsOUI9kUMYg8Ci7pfg3KXm35POJin7kioylslXzaL4k&sig=Cg0ArKJSzHFLlhVU5Or-EAE&uach_m=[UACH]&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 76B0 3 KB
2 KB 574ms
190ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 14:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:09:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76B0 153 KB
47 KB 801ms
474ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 00:51:17 GMT

GET
H2 200 33911536141169662
tpc.googlesyndication.com/simgad/ Frame 76B0 42 KB
42 KB 554ms
191ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/33911536141169662

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a20e142c026a3e291bc2ebce86b357e69eb10025725358ed9874eac288812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 02:46:26 GMT
x-content-type-options: nosniff
age: 338691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42537
x-xss-protection: 0
last-modified: Thu, 31 Jan 2019 02:55:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 02:46:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 285C 0
0 195ms
194ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUUHV98I262DZerBJk7PA7XdAaG2BapS2m-bb8aM5Qff8bgwRwVO3cAJGfN65W_b92y5QMSlk0w41ThL_UiYyhq12MhHT9jyvbmwI4nIJuLGevqJlQDAsZnxy6cE1JcmfSgeYzMmteAHSplQ0ggIgcIywac9fl2zQx6lcrgq_rbCzwA4R8OHA-FRFnSXDVAzf0q6WPK0yogyAe2Xk9ayXlww4tHhG0bZ_gq-NoVSFWXOqOvZtEka89AQ_-rrppfdsCOpUFwzqUM9SJXFoJszOax97y7lytA98j7ZcTlrfAGNQegn_e40p25yADKx1K-V9ZqdY&sai=AMfl-YTMJP6T9AnbZj-R14tccaFKxpCTKbj44eE-gZ6LWcxNDpQehFbrE9NqN5udbM7jiUAhteiTUzDw8S6HXx8_LF0Qq0nmKIdNuZl_cRXwtl846chqMmxgqDQ2i7grgHDNz0cOpLo-FuX3j3ZsC_lhBBs&sig=Cg0ArKJSzEW8gaj2sAO7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:16 GMT

GET
H2 200 tag Show response
a.teads.tv/page/7322/ Frame 285C 770 B
821 B 1092ms
283ms Script
application/javascript 23.207.181.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/7322/tag
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.47 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 62b7e0bfac9b6010909467397bf0cf9f7fc941e0d1e6c1fd28b2420c15a692da

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 479
expires: Tue, 03 Jan 2023 01:51:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 285C 153 KB
47 KB 1051ms
741ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-13-33-88-55.sin2.r.cloudfront.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 00:51:17 GMT

GET
DATA 200
OK truncated
/ Frame 76B0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b6e9cb2077285494d3b636bd7407370a07d34b3e8adecccc1c70312c13b3886

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame A766 34 KB
10 KB 267ms
266ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94a73b6b67576e687d6bbb8de62ab8901629628e398544c08e146331dd6d0720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 00:46:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=86118
content-length: 10067
expires: Wed, 04 Jan 2023 00:46:34 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 476ms
274ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 476ms
275ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=kVtrSEW9&w=5717806438940672&o=5762268746743808&cv=2.1.03-1-g6247d5c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&sid=r1S77IJQOT&upapi=true
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Jan 2023 00:51:17 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame A729 1 KB
1 KB 111ms
111ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20221208165346499

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949583
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837bebee87e6a45-SYD
expires: Thu, 02 Feb 2023 10:51:16 GMT

GET
H2 200 X1IJY0gRMT4YQfm6aScrUQAAAAY.png
www.dianomi.com/img/uploads/ Frame A729 5 KB
5 KB 117ms
116ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/X1IJY0gRMT4YQfm6aScrUQAAAAY.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe6349f1b901e2be50ec9204424b7e698dffdd210edb79ecd63b8ade1e5861f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949351
cf-polished: origFmt=png, origSize=23215
content-disposition: inline; filename="X1IJY0gRMT4YQfm6aScrUQAAAAY.webp"
content-length: 4784
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Sep 2020 09:31:16 GMT
server: cloudflare
etag: "5aaf-5ae7987ca2100"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837bebf08956a45-SYD
expires: Thu, 02 Feb 2023 10:51:16 GMT

GET
DATA 200
OK truncated
/ Frame A729 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 610a27fa1d1948e2995168f02b2db335efa782172fe160535ce12823820e8eb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 play_200px.png
www.dianomi.com/videofeed/icons/ Frame A729 8 KB
8 KB 130ms
127ms Image
image/png 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/videofeed/icons/play_200px.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe91869eab90bb6c349d076d3d9acafbc1cdd644fc8494abda2667f1590fcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5595
cf-polished: origSize=13554, status=vary_header_present
content-length: 8404
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Oct 2020 08:10:13 GMT
server: cloudflare
etag: "34f2-5b23dfe50a340"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837bebf089e6a45-SYD
expires: Tue, 03 Jan 2023 04:51:16 GMT

GET
H2 200 learn_more_200px.png
www.dianomi.com/videofeed/icons/ Frame A729 7 KB
7 KB 116ms
114ms Image
image/png 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/videofeed/icons/learn_more_200px.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd8736900c611a7514a3ae94e9432479c0d7852689fcd104695bdddd8a2f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6453
cf-polished: origSize=11011, status=vary_header_present
content-length: 7082
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Oct 2020 08:10:13 GMT
server: cloudflare
etag: "2b03-5b23dfe50a340"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7837bebf089f6a45-SYD
expires: Tue, 03 Jan 2023 04:51:16 GMT

GET
H2 200 x50.png
www.dianomi.com/img/a/sav2/282646/2/ Frame A729 6 KB
6 KB 122ms
120ms Image
image/webp 104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/282646/2/x50.png

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651c2a04f6cc14961317bdc07625ba7f2dcad11552e99a0376afeb0cd4908a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 269490
cf-polished: origFmt=png, origSize=7849
content-disposition: inline; filename="x50.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Dec 2022 21:59:46 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 7837bebf08a06a45-SYD
expires: Tue, 10 Jan 2023 00:51:16 GMT

GET
H2 206 thumbnail.mp4
videodelivery.net/2f1475910ae9b766c2dd15f2fb13d666/thumbnails/ Frame A729 709 KB
710 KB 373ms
163ms Media
video/mp4 104.16.203.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://videodelivery.net/2f1475910ae9b766c2dd15f2fb13d666/thumbnails/thumbnail.mp4?duration=120s&audio=1&width=650&fit=fill

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.203.35 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c688018ffda120b95f28e97de7342081fa3fb0c58a261813d681e3301b8bd042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://edition.cnn.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=15552000
cf-cache-status: HIT
age: 6922
Content-Range: bytes 0-725601/725602
stream-dw-version: 2022.12.17
Content-Length: 725602
core-cache-status: HIT
last-modified: Mon, 02 Jan 2023 22:47:37 GMT
server: cloudflare
vary: origin, referer, Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=864000
access-control-expose-header: cf-ray
cf-ray: 7837bec36fe7a962-SYD
access-control-allow-headers: range
served-in-seconds: 1.505

GET
H2 200 time.json Show response
ljsp.lwcdn.com/web/public/countdown/ Frame A729 27 B
537 B 824ms
387ms Fetch
application/json 13.33.88.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ljsp.lwcdn.com/web/public/countdown/time.json

Requested by

Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bed6e158183a2266ab3ea3386e6af625718a18dbb2ae94f28a1740427736a19f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
via: 1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 4
x-cache: Miss from cloudfront
content-length: 27
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=5, max-age=5
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,x-flowplayer-api-key
x-amz-cf-id: EpxM-iola1z6zgFKGnWf0tqmUXZsLXEJUHfOy7Ss_eHY3Tr25vecXQ==

GET
H2

200

rubicon
data.dianomi.com/frontend/ Frame DFC2
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LCFILS5L-1Z-JUDL
https://data.dianomi.com/frontend/rubicon?uid=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---

68 B
335 B

397ms
396ms

Image
image/png

104.18.35.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/rubicon?uid=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Protocol

Server

104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7837bec10ab56a45-SYD
access-control-allow-headers: dianomi-force-dmp

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://data.dianomi.com/frontend/rubicon?uid=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DFC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/zn-RakqxAhef_3VnVzBkwcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Gv28v_lE2oLqVkGqPI9LTfOhHV60j1w6LgM7rw--~A

42 B
689 B

542ms
194ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Gv28v_lE2oLqVkGqPI9LTfOhHV60j1w6LgM7rw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 03 Jan 2023 00:51:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Gv28v_lE2oLqVkGqPI9LTfOhHV60j1w6LgM7rw--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DFC2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=G1l5OTxMQ2eX7TBESLw0Tw&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G1l5OTxMQ2eX7TBESLw0Tw&gdpr=0

43 B
479 B

315ms
315ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G1l5OTxMQ2eX7TBESLw0Tw&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EQSWW78VMEYT6HSHQ3Q6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=G1l5OTxMQ2eX7TBESLw0Tw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DFC2
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=&expires=30

42 B
689 B

766ms
192ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFC2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENGSUxTNUwtMVotSlVETA==&gdpr=0&us_privacy=1---

170 B
188 B

194ms
193ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENGSUxTNUwtMVotSlVETA==&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENGSUxTNUwtMVotSlVETA==&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DFC2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0Qg8tb5LS3y6bEkJ255Pug&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Qg8tb5LS3y6bEkJ255Pug&gdpr=0

43 B
479 B

383ms
383ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Qg8tb5LS3y6bEkJ255Pug&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 045XSVWN3GD7XQGM1BQG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0Qg8tb5LS3y6bEkJ255Pug&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DFC2
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---

0
574 B

503ms
294ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1D7B58F912BF4E74A5BFB5687AF4EBBD Ref B: SYD03EDGE1519 Ref C: 2023-01-03T00:51:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxUXcy2gc2U9x+/srevA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCFILS5L-1Z-JUDL&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU0ODJiZDMwNzc0ODgzM2NkNTg3NDk3MTIzYmYwOWRhMWY2Yzc4Mw&gdpr=0&us_privacy=1---

170 B
188 B

195ms
195ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU0ODJiZDMwNzc0ODgzM2NkNTg3NDk3MTIzYmYwOWRhMWY2Yzc4Mw&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU0ODJiZDMwNzc0ODgzM2NkNTg3NDk3MTIzYmYwOWRhMWY2Yzc4Mw&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DFC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAf1lFsSD7y3_nrOhLV6WxI&google_cver=1

42 B
689 B

777ms
193ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAf1lFsSD7y3_nrOhLV6WxI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEAf1lFsSD7y3_nrOhLV6WxI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK selectors Show response
onsiterecs.api.boomtrain.com/api/v1/ 17 B
232 B 1324ms
324ms XHR
application/json 54.221.140.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiterecs.api.boomtrain.com/api/v1/selectors?url=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&site_id=cnn
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.140.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-140-179.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1c6443e56a8d88c1734afadf22d91420afa0c321e7387077aca580735a046b57

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://edition.cnn.com
Date: Tue, 03 Jan 2023 00:51:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 17
Vary: Origin
Content-Type: application/json

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 0736 2 KB
3 KB 326ms
326ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d14dbd524762c06f5170a5174b37fcf1d7bf89cd4ea6a1fdfd6e95deb7f94180

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2333
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 03 Jan 2023 00:51:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: BAN8JVET09YJVH81FEV7

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 1264ms
631ms XHR
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Jan 2023 00:51:18 GMT

GET
DATA 200
OK truncated
/ Frame DC4D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802bd808ad6be61032bcf4a62b5380b61c8dfd283cf38e3fae8bfa280f2e25bb

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 88C3 47 KB
13 KB 588ms
197ms Script
application/javascript 13.251.90.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925660&campId=970x250&pubId=38829637&chanId=52128877&placementId=6181062696&pubCreative=138417680837&pubOrder=3125039887&cb=1625792271&adsafe_par&impId=ba19ff6f-8b00-11ed-963d-0264d93e907e&custom=bnr_atf_01&custom2=&custom3=&custom4=&custom5=stlr&custom6=article_leaf
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3984ab8fb614bdecf94ee3dbd0fbccda3bc647233c39bd7e4b134493d296dee6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76B0 0
0 195ms
195ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBQDvrRB_WsQds-qQbLY0LyKPDAr9WBj54qOLvtQDKybYtE2annTZLZvJ9sE5jU5OtYAUD7Ji3tiXjV8vU-1BOIx3ZRtFqFSNfoiB3bpuzPITNcVtzZPx-JeHbBMxO2TyDCLASh2SIxv6Ove6t5AWqPbqRpb-YYYyiiH774pA3dRumh5JZLz-46vSqEynHOjhC227wi2dhZe4IVHusE9SQLLjYp0gUK2KEbP2wIZJfDEHCnbYKPdyivxww0a6525A1RHqlM114uzyBXKxDSUGDOCcgKd7LI_6b9BRnK476v1C3wKx-5TOtKs9VuqdLEg-P8SqEcA&sai=AMfl-YRGKJI7uA6K11vie9717-GPGKUmC6Xr0KhZDucADXJ9mN0_xTRLm0Tlh8JwxYVeOiNYnhL1LTW0zjLw5CKfm3edKI81p6Ukrcmcmxh_VzzVtmhvRemdD0jCMCsi7I17pUSRPIgJpUhO1OsJefScPvU&sig=Cg0ArKJSzHrJLy9g9ChVEAE&uach_m=[UACH]&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:17 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 75D8 47 KB
13 KB 647ms
389ms Script
application/javascript 13.251.90.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x250&pubId=38600317&chanId=52128877&placementId=4941921533&pubCreative=138258660467&pubOrder=2480051010&cb=70704495&adsafe_par&impId=ba19ff71-8b00-11ed-963d-0264d93e907e&custom=rect_btf_01&custom2=&custom3=&custom4=&custom5=stlr&custom6=article_leaf
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 14c5e7116bee28b025147d02d718d3518eac306bc0d5ad723105dc2bd73fc5ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/ Frame BCA1 64 KB
15 KB 494ms
192ms Document
text/html 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/index.html?e=69&leftOffset=0&topOffset=0&c=8WPWDj17LE&t=1&renderingType=2

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f6e5ffc4feda631779b4c98699ac380fc7b89625e9a051ce99aab2114c16af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 14815
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 00:51:18 GMT
expires: Wed, 04 Jan 2023 00:51:18 GMT
last-modified: Wed, 05 May 2021 14:29:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame 07D3 42 B
646 B 754ms
197ms Image
image/gif 13.251.75.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1078707184&gdpr=&gdpr_consent=&adid=1089127613&ord=459691283
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.75.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 42
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 p-D1yc5zQgjmqr5.gif
pixel.quantserve.com/pixel/ Frame 07D3 35 B
372 B 590ms
195ms Image
image/gif 103.229.10.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-D1yc5zQgjmqr5.gif?labels=_campaign.media.Display.DFP.Advertiser%20ID.38829637.Campaign%20ID.3125039887

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07D3 0
0 195ms
195ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWR2FjlttwgBLjfFQ1S4Ytxi2muuPrLJO_ONZrWl_Nm_o2FlhmICdFQWMWlWOQExQfVVTBxcVMIqTf_QC6PJCORONAhVh8_ujq9BhkqgnennTBcRCUD8Mgp5H_tTeZvwIOKFl5LmUU4gPOVy6zRhpKKA8d68-2wKANIWLkzDuVBHD6h8WL4Ox-JQQiB5Lg626kv3LJx6AnkjCW67KIlOZ0bMCYPh004ezSuV6s11dI_3yOfmD3DY9ujdmYn5BopN3WRHP-63E3oZ2Ah4CRhUoAq4EYd-ZgIf06Zd9bNkk7rqG0Yyt1XcRlqhKkcsethhWPUW_e6A&sai=AMfl-YQEQ2KNxk_uihs3UpFKVrzhVGJNdPIUjdhadSvDsqWYEycyLaw9SyzX56YvNq5IbQEQIh4pjs4_-5RUVOsah6Uc5d_PWvj78GXvWYRF8GETJ47O0-T4bhO8tS4gvoQoQzI8NdEY7ax8Op5A-RPTqoA&sig=Cg0ArKJSzHDyu_2PJ-p1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:18 GMT

GET
DATA 200
OK truncated
/ Frame 07D3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8659791b91d08a357984a078b9769b31288c0e663ab9218955e95830489e33ef

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 970x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 80 KB
18 KB 493ms
191ms Document
text/html 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa2f7f10d6297182dcdd4a96fd16acf5ad71189a8b42bdfc01a47b00c4d101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 18677
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 00:51:18 GMT
expires: Wed, 04 Jan 2023 00:51:18 GMT
last-modified: Wed, 19 May 2021 14:09:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 p-D1yc5zQgjmqr5.gif
pixel.quantserve.com/pixel/ Frame DC4D 35 B
372 B 525ms
196ms Image
image/gif 103.229.10.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-D1yc5zQgjmqr5.gif?labels=_campaign.media.Display.DFP.Advertiser%20ID.38829637.Campaign%20ID.3125039887

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame DC4D 42 B
646 B 687ms
198ms Image
image/gif 13.251.75.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1078707183&gdpr=&gdpr_consent=&adid=1089127618&ord=430750702
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.75.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 42
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 1D6B 47 KB
13 KB 519ms
390ms Script
application/javascript 13.251.90.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925660&campId=300x600&pubId=38829637&chanId=52128877&placementId=6181062696&pubCreative=138417680834&pubOrder=3125039887&cb=943030734&adsafe_par&impId=ba19ff70-8b00-11ed-963d-0264d93e907e&custom=rect_atf_01&custom2=&custom3=&custom4=&custom5=stlr&custom6=article_leaf
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 607fd9c80d2668949e5cda926d44b309645a083dc133cd19862d7937e54c5f21

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame D3EC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
1 KB

329ms
229ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82392c17d7c51251392d737c84c492ede7ef269fd2cd10a0f7384b817ec3d6be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7837bec8c83daaf9-SYD
content-encoding: br
content-type: text/html
date: Tue, 03 Jan 2023 00:51:18 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QufKwCxRvNHr6ndBHdG8X1a5ma00QM7NsWBV%2BjgPNgUK6d0nBc%2FOJnLNS9roiVhQwu1DFmJ1LzIblDMpllehJi5mMuMg%2BNaaL5WPbeXmmbDr4BIpwQiuIuXVJyEgUEKCMerNLTUEGpqTxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7837bec6de91a941-SYD
content-length: 0
date: Tue, 03 Jan 2023 00:51:18 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qItC3x1rMIm6Gv%2BUc7zZllh5Sjxy9NqDjUJj9ZzSLuf7kfnLyLXXr9y8rUJPOV7WR4V7B4xeXkum8pPcCQs33z2Jl5yP12YuIhpB0dFs1%2BZs4WlTEjXHTnog7uuMHpBsFcddSJL6EugCJw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame CCBE 427 B
612 B 587ms
194ms Document
text/html 18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: dcfb682b30b21d915e08024d644968f3054ab35c5b1925c2444c6104f2b7ff06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-length: 427
date: Tue, 03 Jan 2023 00:51:18 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 09EA 16 KB
6 KB 969ms
271ms Document
text/html 23.207.180.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102879
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 03 Jan 2023 00:51:18 GMT
expires: Wed, 04 Jan 2023 05:25:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 tamptsync Show response
sync-amz.ads.yieldmo.com/ Frame 9DA7 891 B
760 B 644ms
195ms Document
text/html 52.74.226.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.226.129 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-226-129.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 68cf5b4a794f191d70714edfc8f37ff29ea736a861505c0b37c5c3071a07ef5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 03 Jan 2023 00:51:18 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 4003 281 B
410 B 248ms
244ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:18 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 043B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wUmtaWm1GRTJ1TG5aZWxIclVDWkQyX1VnTG1Ed2FKUX5B

43 B
720 B

321ms
320ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wUmtaWm1GRTJ1TG5aZWxIclVDWkQyX1VnTG1Ed2FKUX5B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:18 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0ACW7BXA0A6782JV0RTK

Redirect headers

age: 0
content-length: 0
date: Tue, 03 Jan 2023 00:51:18 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1wUmtaWm1GRTJ1TG5aZWxIclVDWkQyX1VnTG1Ed2FKUX5B
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 206E
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3019041179730735901&gdpr=0&gdpr_consent=

43 B
479 B

435ms
331ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3019041179730735901&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 724XAYH4TK0QS742S4CB

Redirect headers

content-length: 0
date: Tue, 03 Jan 2023 00:51:18 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3019041179730735901&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C7CA
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=8906080515655609534&ex=appnexus.com

43 B
479 B

332ms
332ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=8906080515655609534&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:18 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: X9RETDT2F36CFMP8ZN7Z

Redirect headers

AN-X-Request-Uuid: 7d41b89c-5f35-4ea4-857e-e9e423dc9f6e
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Jan 2023 00:51:18 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=8906080515655609534&ex=appnexus.com
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 5A76
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3629917585617201438583

43 B
720 B

593ms
350ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3629917585617201438583

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Z8263YJD0K2ZYKJJZDCY

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 03 Jan 2023 00:51:18 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3629917585617201438583
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
DATA 200
OK truncated
/ Frame 285C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1605f77afa3f825a49274610428b3d523464d82c9c4397c90ac4958a61009b7a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 optout_check Show response
beacon.krxd.net/ 81 B
240 B 273ms
273ms Script
text/javascript 52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns._default.kxjsonp_optOutCheck
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d138d8e3e2de52d2ac51dbfd52f252fb9ee0007c9971c5e670dc22fe2b49669e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n015-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:18 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1672707078
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 362 B
508 B 316ms
316ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=f3b6d00d-676f-48d8-80ef-2b48af61105e&technographics=1&callback=Krux.ns._default.kxjsonp_userdata
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29c66e3b9910c5afcd18fa7fb17fc6a15e18d471fc108f5fd7cc777e52edf1df

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: userdata-a010-ash-prod.krxd.net, cache-syd10162-SYD
age: 0
x-timer: S1672707078.088124,VS0,VE218
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 280
x-cache-hits: 0, 0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame BB4B 47 KB
13 KB 224ms
197ms Script
application/javascript 13.251.90.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925660&campId=1x1&pubId=50463277&chanId=52128877&placementId=6059072529&pubCreative=138397584362&pubOrder=2719891907&cb=33537992&adsafe_par&impId=ba19ff74-8b00-11ed-963d-0264d93e907e&custom=out_vid_01&custom2=&custom3=&custom4=&custom5=stlr&custom6=article_leaf
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 99594c4b8f1f6647dc5f1a7bf5b20cb944a4086009f8324cf03f8b31a8edf783

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 f3b6d00d-676f-48d8-80ef-2b48af61105e Show response
consumer.krxd.net/consent/set/ 259 B
358 B 277ms
276ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/f3b6d00d-676f-48d8-80ef-2b48af61105e?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns._default.kxjsonp_consent_set_1
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d6a6ae08b46715e31fcb846ec79f829160b94c8abaa93f1b9734531963e1842d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: consumer-a008-pdx-prod.krxd.net, cache-syd10153-SYD
date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
via: 1.1 varnish
x-timer: S1672707078.111024,VS0,VE179
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-length: 220
x-cache-hits: 0, 0

GET
H/1.1 200
OK u
bea4.cnn.com/ad/ 0
413 B 1568ms
274ms Image
text/html 34.223.199.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bea4.cnn.com/ad/u?mode=echo&cr=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dfreewheel%26partner_uid%3D%23%7Buser.id%7D
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.199.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-199-223.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 4003 34 KB
10 KB 259ms
259ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94a73b6b67576e687d6bbb8de62ab8901629628e398544c08e146331dd6d0720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 00:46:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=86116
content-length: 10067
expires: Wed, 04 Jan 2023 00:46:34 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame BCA1 110 KB
38 KB 191ms
191ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/index.html?e=69&leftOffset=0&topOffset=0&c=8WPWDj17LE&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/index.html?e=69&leftOffset=0&topOffset=0&c=8WPWDj17LE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 11:36:54 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame BCA1 186 KB
48 KB 979ms
376ms Script
text/javascript 72.247.127.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/index.html?e=69&leftOffset=0&topOffset=0&c=8WPWDj17LE&t=1&renderingType=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.127.224 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-127-224.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 03 Jan 2023 01:06:19 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 274ms
274ms Image
text/plain 52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=tefghq6ia&_kpid=f3b6d00d-676f-48d8-80ef-2b48af61105e&_kcp_s=CNN%20Business%20Edition&_kcp_d=edition.cnn.com&_knifr=25&_kua_kx_tz=0&geo_country=au&geo_region=nsw&geo_dma=36117&rtsegs=vc7sfzs7v&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=au&_kua_kx_geo_region=nsw&_kua_kx_geo_dma=36117&_kpa_url_path_1=2022&_kpa_url_path_2=12&_kpa_url_path_3=29&_kpa_meta_keywords=banking%20institutions%2C%20banking%2C%20finance%20and%20investments%2C%20brand%20safety-nsf%20crime%2C%20brand%20safety-nsf%20death%2C%20brand%20safety-nsf%20mature%2C%20brand%20safety-nsf%20other%2C%20brand%20safety-nsf%20sensitive%2C%20brand%20safety-nsf%20violence%2C%20business%20figures%2C%20business%2C%20economy%20and%20trade%2C%20caribbean%2C%20companies%2C%20consumer%20banking%2C%20continents%20and%20regions%2C%20crime%2C%20law%20enforcement%20and%20corrections%2C%20crimes%20against%20persons%2C%20criminal%20offenses%2C%20death%20and%20dying%2C%20deaths%20and%20fatalities%2C%20domestic%20alerts%2C%20domestic-business%2C%20domestic-international%20news%2C%20human%20rights%2C%20human%20rights%20violations%2C%20human%20trafficking%2C%20iab-bereavement%2C%20iab-business%2C%20iab-business%20and%20finance%2C%20iab-business%20banking%20%26%20finance%2C%20iab-consumer%20banking%2C%20iab-crime%2C%20iab-family%20and%20relationships%2C%20iab-financial%20industry%2C%20iab-industries%2C%20iab-law%2C%20iab-personal%20finance%2C%20iab-politics%2C%20international%20alerts%2C%20international%20relations%20and%20national%20security%2C%20international-business%2C%20jeffrey%20epstein%2C%20jpmorgan%20chase%20%26%20co%2C%20law%20and%20legal%20system%2C%20lawsuits%20and%20claims%2C%20sex%20crimes%2C%20slavery%2C%20society%2C%20the%20americas%2C%20trial%20and%20procedure%2C%20virgin%20islands%2C%20u.s.&_kpa_domain=cnn.com&_kpa_cnn_international_site=cnn_international&_kpa_cnn_international_rollup=business&_kpa_cnn_international_section=leaf&t_navigation_type=0&t_dns=38&t_tcp=196&t_http_request=-1&t_http_response=424&t_content_ready=2536&t_window_load=0&t_redirect=0&interchange_ran=true&userdata_was_requested=true&userdata_did_respond=true&store_user_after=x4p0sn8vk&store_segs_after=vc7sfzs7v&_kurl_=https%3A%2F%2Fwww.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&userdata_user=PS6uoFpe%2Cx4p0sn8vk&sview=1&kplt0=37159&kplt1=40069&kplt2=37163&kplt3=38056&kplt4=38449&kplt5=38581&kplt6=41813&kplt7=42189&kplt8=44661&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Ff3b6d00d-676f-48d8-80ef-2b48af61105e%2C836%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C276%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C320%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Ff3b6d00d-676f-48d8-80ef-2b48af61105e%2C279
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n011-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=77 t=1672707078
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 4F7A 110 KB
38 KB 202ms
201ms Script
text/javascript 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 11:36:54 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 4F7A 186 KB
48 KB 828ms
297ms Script
text/javascript 72.247.127.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.127.224 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-127-224.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 03 Jan 2023 01:06:19 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 594 KB
130 KB 271ms
270ms Script
text/javascript 23.207.181.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.47 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fcd41ae31209fd89836356458c60916d252e4f463b54ddbbce3faac9f901cea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
content-encoding: br
last-modified: Thu, 15 Dec 2022 14:13:39 GMT
x-amz-request-id: G9W72HP9S4CQTMBQ
etag: "15339442ae8f3f9c972f9ce6eef80959"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 132771
x-amz-id-2: dtLMZt77r8juWmzLEMBNxcsweAdReW0TF4kKs8DWz0e0bHNRB9+4klyCWGcJ/NrR+SbM0d/G8mo=
expires: Tue, 03 Jan 2023 01:21:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 285C 0
0 195ms
195ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5wF1gqVB-23ZWAdEmua6wMKS5FxT20YnoxXyMGSOu2G-HAmO3oRcjNsM1YmXbDYm1fY6smgJJMlmTvz-FN6jCJtOHY_c08_MSUj0IyLSMaHPuCkv50L2qXWkNP8zaQVaJ_5lBsKq8vCjvcRYGOMdBEmehGefC2rXhm19d49UC1N1NEvozCmCDYVUYxaFiLCWNrwVyCJXsonh0h-g1KKXcbjHbQ-T3ISEEOjmrU00OEd_GAu4sd5M89oIrmrUMLcOtZ2zRHYUPBQ36bFB1DwbU-iwPZmrTtR7sqhkyeJvbe8QHI7QAbr3LZAiNN2-nk3rnyFs5dg&sai=AMfl-YSQH6noZoar63Ri98WnjkXbwJiZ3Bp48g6ddburJdddaYwvDzRwq-cRskFpuADwOayfGjLeox03VuNJxmH4te2lMIzqAeDphfdYBtdj4QruROh-PTA1ptSLFiAadt3KbsLgvFCn-ZhHvcABzb9LxlY&sig=Cg0ArKJSzPed4SuR-GPTEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.209.124.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:18 GMT

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame 88C3 199 KB
62 KB 457ms
457ms Script
application/javascript 52.84.45.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-31.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 1817680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: pj09l-IaaL6lypKOiNBmK4AQ7uLu1bTTbM6mKV5lp-NN678sUTfavw==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4003
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LCFILS5L-1Z-JUDL
https://s.amazon-adsystem.com/ecm3?id=LCFILS5L-1Z-JUDL&ex=d-rubiconproject.com&status=ok&us_privacy=1---

43 B
720 B

765ms
315ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LCFILS5L-1Z-JUDL&ex=d-rubiconproject.com&status=ok&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D0SPYHPPY0XB4MA73TBA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LCFILS5L-1Z-JUDL&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame BB4B 199 KB
62 KB 900ms
899ms Script
application/javascript 52.84.45.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-31.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 1817680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WdX4nNE2v-89c9Gqc17FmhnzrkYT8V3ekRGkf4PP-w3Yc_MFEwtNnQ==

GET
H2 200 2023-01-03 Show response
production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/ 2 KB
874 B 309ms
309ms Fetch
application/json 65.8.11.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/2023-01-03
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.11.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-11-129.kul50.r.cloudfront.net
Software: uvicorn /
Resource Hash: 076cca9d50fa9aa02b5302178344f7b0316e5c7ccbaaa03769d0856cfe5d2649

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:15 GMT
content-encoding: gzip
via: 1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: KUL50-C2
age: 3
etag: W/3882738187192123413
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-api-cache: Hit
cache-control: max-age=5
x-amz-cf-id: IjOIJzursOh9AEQX7InCTKL47TrXiYcGwZWbQq6QE2fsc7T4xaeC0w==
expires: Tue, 03 Jan 2023 00:51:20 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame CCBE 43 B
479 B 332ms
331ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=10ac1974-8b19-4ba5-b42f-9e3d62c462bd

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T9NSSXK5DAJXGYAJXP8B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pubmatic
um.simpli.fi/ Frame CCBE
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

43 B
609 B

365ms
193ms

Image
image/gif

34.124.209.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

Server

34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 02 Jan 2023 00:51:20 GMT

Redirect headers

location: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date: Tue, 03 Jan 2023 00:51:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 207
content-type: text/html; charset=utf-8

GET
H2

200

v1
match.sharethrough.com/sync/ Frame CCBE
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

68 B
279 B

194ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame CCBE
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=52568843-4de7-4d69-9795-722ca16236cc&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

68 B
279 B

196ms
195ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=52568843-4de7-4d69-9795-722ca16236cc&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

x-servername: track006-sjc
pragma: no-cache
date: Tue, 03 Jan 2023 00:50:36 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=52568843-4de7-4d69-9795-722ca16236cc&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 296
expires: -1

GET
H2

200

v1
match.sharethrough.com/sync/ Frame CCBE
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

68 B
279 B

195ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:18 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 9DA7 43 B
720 B 333ms
332ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g34b3b2369a539160fc6

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MT1RYS33KJGW7GNS8SCR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 9DA7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=yieldmo
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=249a4043-65e7-4138-8f35-ca7387c320e6&gdpr=&gdpr_pd=&gdpr_consent=

43 B
551 B

197ms
197ms

Image
image/gif

52.221.146.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=249a4043-65e7-4138-8f35-ca7387c320e6&gdpr=&gdpr_pd=&gdpr_consent=
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol: H2
Server: 52.221.146.18 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-146-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

Location: //ads.yieldmo.com/v000/sync?pn_id=mf&userid=249a4043-65e7-4138-8f35-ca7387c320e6&gdpr=&gdpr_pd=&gdpr_consent=
Date: Tue, 03 Jan 2023 00:51:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 9DA7
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ads.yieldmo.com/v000/sync?userid=8906080515655609534&pn_id=an

43 B
323 B

1001ms
201ms

Image
image/gif

52.221.146.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=8906080515655609534&pn_id=an
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol: H2
Server: 52.221.146.18 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-146-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

Date: Tue, 03 Jan 2023 00:51:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9ae3d853-a5a8-4dd4-b4a1-ac60ca845954
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.yieldmo.com/v000/sync?userid=8906080515655609534&pn_id=an
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 9DA7 170 B
188 B 197ms
194ms Image
image/png 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzM0YjNiMjM2OWE1MzkxNjBmYzY=

Requested by

Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/ Frame 9DA7
Redirect Chain

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=1194c18ef1e20c2&is_secure=true&networkId=42851&version=1
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJlSxTVoG0YQNcYpYDAAAAAAA&expiration=1672793479&is_secure=true

43 B
332 B

267ms
197ms

Image
image/gif

52.221.146.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJlSxTVoG0YQNcYpYDAAAAAAA&expiration=1672793479&is_secure=true
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol: H2
Server: 52.221.146.18 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-146-18.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://ads.yieldmo.com/sync?pn_id=eps&id=AAAJlSxTVoG0YQNcYpYDAAAAAAA&expiration=1672793479&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

sync
sync-adform.ads.yieldmo.com/ Frame 9DA7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://c1.adform.net/serving/cookie/match?CC=1&party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3958891285216491490

43 B
540 B

315ms
195ms

Image
image/gif

52.74.226.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3958891285216491490
Requested by: Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol: H2
Server: 52.74.226.129 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-226-129.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync-amz.ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3958891285216491490
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame 75D8 199 KB
62 KB 1070ms
1069ms Script
application/javascript 52.84.45.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-31.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 1817680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: EadAAGLN_EA8nzn8cZxku2eKgRoabUelyU3EzQfha3J88INAQkrylw==

GET
H2 200 main.19.8.377.js Show response
static.adsafeprotected.com/ Frame 1D6B 199 KB
62 KB 1256ms
1256ms Script
application/javascript 52.84.45.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.377.js
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-31.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id: dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding: gzip
via: 1.1 281d355987643c0eb0bbf0ab368dda60.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 1817680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:47 GMT
server: AmazonS3
etag: W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8oAdF7quxiL18WsaJm2Jc1PmkXSZeTDuJ9mh6CuCBXaz0jsivzxj-w==

POST
H2 204 events
ihi.flowplayer.com/v1/health/ Frame A729 0
35 B 1176ms
377ms Ping
text/plain 52.49.117.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ihi.flowplayer.com/v1/health/events
Requested by: Host: cdn.flowplayer.com
URL: https://cdn.flowplayer.com/releases/native/3/v3.4.1/flowplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.117.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-117-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D3EC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7N8BqwQYUMeBHmgYSYOGAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED2h6SbMylSJx2PULgeiY-M&google_cver=1

43 B
766 B

197ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED2h6SbMylSJx2PULgeiY-M&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED2h6SbMylSJx2PULgeiY-M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3EC
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&expiration=1675299078&gdpr=0&gdpr_consent=

43 B
766 B

588ms
196ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&expiration=1675299078&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7625981f-53e3-4e76-986a-4c6debaf17a1&expiration=1675299078&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame D3EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHSuwDkus-__OqFH3Dw7OE8&google_cver=1

43 B
847 B

215ms
215ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHSuwDkus-__OqFH3Dw7OE8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndwggLFi3%2B68t9ElU0k%2FcdlnbV9RSqXnxVI3Izc3dogbJQj5uIzLCrwSE2Hbb1EeSfUAElINYBHa4Qn0hq6X%2FgQWQDj9LNTQIuwGPDO28qiysMh6Duvohur%2FX3kW5dgyQBQHFOJad%2Fl%2Bcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7837becb9c8faaf9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHSuwDkus-__OqFH3Dw7OE8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame D3EC 43 B
855 B 530ms
315ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q1PG7T9YF07YX2T6RG78
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame D3EC 0
215 B 595ms
195ms Image
text/plain 23.106.69.73
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.106.69.73 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame D3EC 0
0

GET
H2

200

crum
dsum.casalemedia.com/ Frame D3EC
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2c6578a1-3a61-8dff-9853d619

43 B
871 B

537ms
218ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2c6578a1-3a61-8dff-9853d619
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gmw5H0pcvNP7%2BOPD9qwPrgcHQ5uZIuoOWa5wuqUxg7d9pqiAqfovgy3AgRE6%2BGtFV4Ul6PGIilEgZzqyO7xn%2B0FSFc4npee0qFq7WeV5wihcnzYgjCdqEngmVffmenGPyQhbZFUh"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7837becf4c08a96e-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Tue, 03 Jan 2023 00:51:19 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2c6578a1-3a61-8dff-9853d619
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D3EC
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2

43 B
766 B

303ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 03 Jan 2023 00:51:19 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame D3EC 43 B
720 B 567ms
330ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B50325QF3HRQZ2KD92P3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 09EA 2 KB
2 KB 718ms
200ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60428949&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6e13ebd1bd25e13c2771f4172ebd2265c498346b80b40ab5a6f5a3ca23b8e291

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 03 Jan 2023 00:51:19 GMT
content-length: 1764
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A8DE 52 KB
17 KB 1303ms
274ms Document
text/html 23.207.180.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.187 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-187.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 03 Jan 2023 00:51:20 GMT
ETag: "623de86a-cf34"
Expires: Wed, 04 Jan 2023 00:51:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E14 16 KB
6 KB 275ms
270ms Document
text/html 23.207.180.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102878
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 03 Jan 2023 00:51:19 GMT
expires: Wed, 04 Jan 2023 05:25:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0B69 3 KB
2 KB 309ms
104ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 1149
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7837becd5e53a7f6-SYD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:19 GMT
expires: Tue, 03 Jan 2023 04:51:19 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 6AFB 281 B
410 B 249ms
247ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:19 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=aff94688-02ef-4526-ad9d-a04002012c8a&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

68 B
279 B

195ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=aff94688-02ef-4526-ad9d-a04002012c8a&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

x-servername: track005-sjc
pragma: no-cache
date: Tue, 03 Jan 2023 00:50:36 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=aff94688-02ef-4526-ad9d-a04002012c8a&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 296
expires: -1

GET
H2

200

SPug
image4.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=80279269-0739-4625-9396-96E627874FEF&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kvucd8NE2uVCiFM_CFTtoeA3gkg_Vo4-~A&gdpr=0&gdpr_consent=

0
128 B

298ms
297ms

Image
text/plain

103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kvucd8NE2uVCiFM_CFTtoeA3gkg_Vo4-~A&gdpr=0&gdpr_consent=
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kvucd8NE2uVCiFM_CFTtoeA3gkg_Vo4-~A&gdpr=0&gdpr_consent=
date: Tue, 03 Jan 2023 00:51:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOEEwN0hadmdBQUNEclh1dzNGUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB8A07HZvgAACDrXuw3FQ&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB8A07HZvgAACDrXuw3FQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cshr%26bee_sync_curr...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3019041179730735901&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB8A07HZvgAACDrXuw3FQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3019041179730735901%26gdpr%3D0%26gdpr_consent%3D%26bee_...
https://match.prod.bidr.io/cookie-sync?userid=3019041179730735901&gdpr=0&gdpr_consent=&bee_sync_partners=shr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB8A07HZvgAA...
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB8A07HZvgAACDrXuw3FQ&gdpr=0

68 B
279 B

194ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB8A07HZvgAACDrXuw3FQ&gdpr=0
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:24 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB8A07HZvgAACDrXuw3FQ&gdpr=0
Date: Tue, 03 Jan 2023 00:51:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=be68624c-ab8d-45c8-82ff-0a52c76f09f5&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d3d875d8-4851-4570-b0ce-32e5766f697e&ssp=sharethrough&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522308695222332015&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522308695222332015&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=b3d8fbd6-c14d-40ab-988c-3db2697914d2&ssp=sharethrough&gdpr_consent=&gdpr=0
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522308695222332015&ssp=sharethrough&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232733304385000534406&ssp=sharethrough&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522308695222332015&ssp=sharethrough&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d3d875d8-4851-4570-b0ce-32e5766f697e&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=

68 B
279 B

195ms
195ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d3d875d8-4851-4570-b0ce-32e5766f697e&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:22 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d3d875d8-4851-4570-b0ce-32e5766f697e&seat_user_id=&seat_key=&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Date: Tue, 03 Jan 2023 00:51:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=15
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7e742496-715d-42b9-4951-e5baa8a0d799$ip$173.245.209.33

68 B
279 B

195ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7e742496-715d-42b9-4951-e5baa8a0d799$ip$173.245.209.33
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-7e742496-715d-42b9-4951-e5baa8a0d799$ip$173.245.209.33
Date: Tue, 03 Jan 2023 00:51:20 GMT
Connection: keep-alive
Content-Length: 172
Content-Type: text/html; charset=utf-8

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 6AFB 34 KB
10 KB 260ms
259ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 94a73b6b67576e687d6bbb8de62ab8901629628e398544c08e146331dd6d0720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 00:46:33 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=86115
content-length: 10067
expires: Wed, 04 Jan 2023 00:46:34 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 9C51 2 KB
1 KB 215ms
214ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459b0116a4864605b38450611ab44069fdf7d5570595e6ad121b2eef37d4aeeb

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7837bece1fabaaf9-SYD
content-encoding: br
content-type: text/html
date: Tue, 03 Jan 2023 00:51:19 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V7xZfhGKQE9sLbgYFBpqm%2FdQ3jZo%2Bs3YQlpZg0qcvFAr7w21F%2Bq3E9%2Bvjl2Av8sTLqsRutkQr7Qm8kFE0oxk6YRv%2FLyEZMcafjt%2BPQsU%2FUpKyuuWiyz%2FB7PyeAM18P0gx%2F6ML5dpxt%2F0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 clouds.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 33 KB
33 KB 191ms
191ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/clouds.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e68127160c729ede60a17dab7ce83a0c51729623b11e199ea296234cc02e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33449
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC4D 0
0 200ms
200ms Fetch
image/gif 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxwgLniLekiCExysLwp-vCOAzd3rkDuVy100JeihW703RjVWYRcczP3z2QFHLf6Qn3seshHXqJuBhhcD5JMM2dKN0DAUnukgjfn-EC3pEJE3vF3Svaa-QF_iN4StThN5oidvbxQqhXqRHPDfnQM228MrgJ2nnBfHW-nhb_v64pig1bxfOoLAVLjQ7VVrWegOzh-yJMYK4sabf_Cn8WsX_Zma4yE3WikzMuLRHMoFGz_Bg4cj2rBQ7SDjaVtU4rrF1jvw2vdplTjW747J4NL4NN0X0x8Qb0icc7LpF4MmjxrFVpaLfN-CzkQRb8DqIsvmj73FPYTg&sai=AMfl-YTSxpMkqfT23UdydbxQYib_azrisqoXV0NLjJF22SKMrND6yRsMktrGHSS_a7dBHKhuD2ikKmDRRl4UjvsMxj4OrrOKjbmZLaaSjWkpyrgKtLOwwP0WlSmnEh2wa0U-T8XaPL6xHGa3Kv3oBeBaSns&sig=Cg0ArKJSzOt71n0D7KTCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-74-108-197.ap-southeast-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Jan 2023 00:51:19 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 1086ms
337ms Image
image/gif 23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&pageId=7322&pid=43054&debug_metadata=6XBEfbwcfg&fv=1110&ts=1672707079567&f=1&referer=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 1087ms
339ms Image
image/gif 23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&pageId=7322&pid=43054&slot=native&fv=1110&ts=1672707079575&f=1&referer=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/7322/ 623 B
891 B 485ms
484ms XHR
application/json 23.207.181.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/7322/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fedition.cnn.com%2F2022%2F12%2F29%2Fbusiness%2Fjeffrey-epstein-jpmorgan-virgin-islands%2Findex.html&page=%7B%22id%22%3A7322%2C%22placements%22%3A%5B%7B%22id%22%3A43054%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A869%2C%22height%22%3A489%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22us_privacy%22%3A%221---%22%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&formatVersion=1110&env=js-web&netBw=9.6&ttfb=100
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.47 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 506aa7dc554b9bf29c9e7f8aaa95e611a70fbb6092e1c085a3bfc3d4dc2686f5

Request headers

Accept: application/json; charset=UTF-8
Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://edition.cnn.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 428
expires: Tue, 03 Jan 2023 00:51:19 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9C51
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8906080515655609534

43 B
766 B

197ms
196ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8906080515655609534
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Date: Tue, 03 Jan 2023 00:51:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 71e1e776-7c63-45f4-8324-8139c4cc7077
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8906080515655609534
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9C51 43 B
600 B 199ms
198ms Image
image/gif 52.74.108.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.108.197 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9C51
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=325a63b3-7c07-4a00-adb9-d2776229436f

43 B
766 B

268ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=325a63b3-7c07-4a00-adb9-d2776229436f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: MT3 277 3f0ad7a master nrt-pixel-x15 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=325a63b3-7c07-4a00-adb9-d2776229436f
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 03 Jan 2023 00:51:19 GMT

GET
H2

200

Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9C51
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB

43 B
600 B

197ms
197ms

Image
image/gif

52.74.108.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB

Requested by

Protocol

Server

52.74.108.197 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-108-197.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y7N8BqwQYUMeBHmgYSYOGAAAEqkAAAIB
date: Tue, 03 Jan 2023 00:51:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 9C51 42 B
181 B 631ms
196ms Image
image/gif 13.229.33.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.33.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-33-180.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C51
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7N8BwAIwMzA1wAo
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7N8BwAIwMzA1wAo&_test=Y7N8BwAIwMzA1wAo

43 B
766 B

361ms
195ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7N8BwAIwMzA1wAo&_test=Y7N8BwAIwMzA1wAo
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-syd10144-SYD
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672707080.198023,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7N8BwAIwMzA1wAo&_test=Y7N8BwAIwMzA1wAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9C51
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2

43 B
766 B

197ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 03 Jan 2023 00:51:19 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688345479&external_user_id=c5815bdd-c0b7-4936-8850-1fa2caff48b2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C51
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=rxNhPhd2TIF2k8KJYh9dt6310SE

43 B
766 B

309ms
195ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=rxNhPhd2TIF2k8KJYh9dt6310SE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=rxNhPhd2TIF2k8KJYh9dt6310SE
Date: Tue, 03 Jan 2023 00:51:20 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9C51 43 B
352 B 311ms
105ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y7N8BqwQYUMeBHmgYSYOGAAA%264777
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fedition.cnn.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 8254
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7837bed14ceea87a-SYD
content-length: 43
expires: Wed, 04 Jan 2023 00:51:19 GMT

GET
H3 200 green.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 45 KB
46 KB 191ms
191ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/green.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

594b43539b8b30ee7f98d95ffa58f49f2c5572616b8dc3a8f39dd2c87250b845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46567
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H3 200 300x600_II_atlas_.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/ Frame BCA1 277 KB
277 KB 218ms
217ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/300x600_II_atlas_.jpg?1620155264354

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

193.244.178.107.bc.googleusercontent.com

Software

sffe /

Resource Hash

6bb79c530fe8452d9fa9c84515996f86ab2405a3cd95bd6e009f240061340b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61313748/20210505072929871/index.html?e=69&leftOffset=0&topOffset=0&c=8WPWDj17LE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 09:28:01 GMT
x-content-type-options: nosniff
age: 55398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283938
x-xss-protection: 0
last-modified: Wed, 05 May 2021 14:29:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 09:28:01 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D2A0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:368f63b3-7c08-4b00-b8c3-c28c6178bba1&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3958891285216491490
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d3d875d8-4851-4570-b0ce-32e5766f697e
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d3d875d8-4851-4570-b0ce-32e5766f697e
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=834ca1e7-f8c4-4c19-967e-c7a05af922de&user_group=1&ssp=pubmatic&bsw_param=d3d875d8-4851-4570-b0ce-32e5766f697e
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3d875d8-4851-4570-b0ce-32e5766f697e&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

307ms
307ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 03 Jan 2023 00:51:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:24 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

v1 Show response
match.sharethrough.com/sync/ Frame AF85
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7N8BwAIybRK2gAF&gdpr=0&gdpr_consent=&_test=Y7N8BwAIybRK2gAF
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

68 B
279 B

194ms
194ms

Document
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache
content-length: 68
content-type: image/png
date: Tue, 03 Jan 2023 00:51:21 GMT

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:20 GMT
location: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 2F5C 43 B
479 B 330ms
328ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID80279269-0739-4625-9396-96E627874FEF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: QNJ81GE2W2KB07FBCXQT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gCeSaQc5RiWTlpbmJ4dP7w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

10 KB
10 KB

279ms
278ms

Image
text/html

23.207.180.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=102877
accept-ranges: bytes
content-length: 5554
expires: Wed, 04 Jan 2023 05:25:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 09EA
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=80279269-0739-4625-9396-96E627874FEF
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=80279269-0739-4625-9396-96E627874FEF
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7625981f-53e3-4e76-986a-4c6debaf17a1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%2C

95 B
122 B

232ms
231ms

Image
image/png

107.178.244.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7625981f-53e3-4e76-986a-4c6debaf17a1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%2C

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7625981f-53e3-4e76-986a-4c6debaf17a1&ttd_puid=b3d8fbd6-c14d-40ab-988c-3db2697914d2%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 353

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame 09EA 49 B
264 B 208ms
204ms Image
image/gif 54.169.2.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.2.85 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-2-85.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.8.152
content-length: 49
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 09EA
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

281ms
281ms

Image
image/gif

119.9.108.180
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:17 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=80279269-0739-4625-9396-96E627874FEF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 09EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMsM7xF-7f7mLS7PehVcgag&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

68 B
279 B

194ms
194ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame 09EA 43 B
611 B 580ms
190ms Image
image/gif 34.124.209.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.209.124.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 02 Jan 2023 00:51:20 GMT

GET
H2 200 80279269-0739-4625-9396-96E627874FEF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 09EA 43 B
600 B 200ms
197ms Image
image/gif 52.74.108.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/80279269-0739-4625-9396-96E627874FEF?gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.108.197 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-108-197.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 09EA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D80279269-0739-4625-9396-96E627874FEF
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF

68 B
279 B

196ms
196ms

Image
image/png

18.140.14.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 18.140.14.246 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-14-246.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=80279269-0739-4625-9396-96E627874FEF
date: Tue, 03 Jan 2023 00:51:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 ice.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 14 KB
14 KB 214ms
214ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ice.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0c8a1478db6041e84d91b21cd89fad29c3863aa831d0c9af8203bf8142c6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14523
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H2 200 iframe Show response
sync.teads.tv/ Frame CCDB 2 KB
1 KB 1189ms
452ms Document
text/html 23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Requested by: Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 0ec3099f598fe8d12fec0a6284e48a18615a3901bb0d011f481afe725af041de

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 708
content-type: text/html; charset=UTF-8
date: Tue, 03 Jan 2023 00:51:21 GMT
expires: Tue, 03 Jan 2023 00:51:21 GMT
pragma: no-cache
server: akka-http/10.2.9
vary: Accept-Encoding

GET
H3 200 planet.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 23 KB
23 KB 191ms
190ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/planet.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99bfa242048a38ab755266810fea19cbfef3c67e5dcbfdf5ec1509fa03c4be49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23944
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A8DE 0
861 B 237ms
237ms Script
text/html 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:20 GMT
AN-X-Request-Uuid: 2f34678d-e148-4fe1-8206-6900a9beb6d1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sea.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 34 KB
34 KB 191ms
191ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/sea.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7102d86a91c9aaff790f5a9a20d50ec9bbf5fbe9e47fbbd3a4b1740a0ee0e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35163
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H3 200 stars.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/ Frame 4F7A 9 KB
9 KB 192ms
191ms Image
image/jpeg 74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/stars.jpg?1621432289394

Requested by

Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2098fadd5d5245620a510d19eeb89637d3f7ea62eb4a5fed765085fa65d7d23c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61791623/20210519070907004/970x250.html?e=69&leftOffset=0&topOffset=0&c=s0m5fe7F32&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 06:05:20 GMT
x-content-type-options: nosniff
age: 67560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8816
x-xss-protection: 0
last-modified: Wed, 19 May 2021 14:09:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Jan 2023 06:05:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCDB
Redirect Chain

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

170 B
188 B

194ms
194ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

Requested by

Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
server: akka-http/10.2.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---
cache-control: max-age=0, no-cache, no-store
content-length: 205
expires: Tue, 03 Jan 2023 00:51:21 GMT

GET
H2

200

um
sync.teads.tv/ Frame CCDB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1672707081079
https://sync.teads.tv/um?eid=22&uid=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=

23 B
172 B

320ms
320ms

Image
image/gif

23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=22&uid=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 03 Jan 2023 00:51:21 GMT
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.teads.tv/um?eid=22&uid=7625981f-53e3-4e76-986a-4c6debaf17a1&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 217

GET
H2

200

um
sync.teads.tv/ Frame CCDB
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1672707081079
https://sync.teads.tv/um?fp=1&eid=80&uid=046ea6f6-1f26-4972-9006-43a5b039f964&gdpr=0&gdpr_consent=

23 B
172 B

320ms
319ms

Image
image/gif

23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?fp=1&eid=80&uid=046ea6f6-1f26-4972-9006-43a5b039f964&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 03 Jan 2023 00:51:22 GMT
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:22 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.teads.tv/um?fp=1&eid=80&uid=046ea6f6-1f26-4972-9006-43a5b039f964&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1856488
content-length: 0
expires: Tue, 03 Jan 2023 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CCDB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/teads/ddafea11-fd15-4f80-98db-516f3c1e12f6?gdpr=0&gdpr_consent=&_t=1672707081079
https://sync.teads.tv/um?eid=132&uid=y-ACw_iapE2oRBlU9ajAz4cUqExiUK0oDG._4-~A

23 B
172 B

319ms
319ms

Image
image/gif

23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=132&uid=y-ACw_iapE2oRBlU9ajAz4cUqExiUK0oDG._4-~A
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 03 Jan 2023 00:51:21 GMT
pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

date: Tue, 03 Jan 2023 00:51:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.teads.tv/um?eid=132&uid=y-ACw_iapE2oRBlU9ajAz4cUqExiUK0oDG._4-~A
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame CCDB
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=ddafea11-fd15-4f80-98db-516f3c1e12f6_ap_au&gdpr_consent=&us_privacy=1---&_t=1672707081079
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=ddafea11-fd15-4f80-98db-516f3c1e12f6_ap_au&gdpr_consent=&us_privacy=1---&_t=1672707081079&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
344 B

940ms
308ms

Image
image/gif

89.187.162.137
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Server: 89.187.162.137 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 599610281.sgp.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-nzt: AVm7oocCjh//rD0LAA
x-accel-expires: @1673007198
date: Tue, 03 Jan 2023 00:51:22 GMT
x-77-pop: singaporeSG
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: a953bd23742529da0a7cb363f50d6c20
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 736684
accept-ranges: bytes
content-length: 43

Redirect headers

date: Tue, 03 Jan 2023 00:51:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 44858
tags.bluekai.com/site/ Frame CCDB 62 B
368 B 410ms
406ms Image
image/gif 23.8.97.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/44858?id=ddafea11-fd15-4f80-98db-516f3c1e12f6_ap_au&limit=1&gdpr_consent=&us_privacy=1---&_t=1672707081079
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.8.97.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-8-97-76.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 03 Jan 2023 00:51:21 GMT
content-length: 62
content-type: image/gif

GET
H3 400 474599.gif
idsync.rlcdn.com/ Frame CCDB 0
0 277ms
276ms Image
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/474599.gif?partner_uid=ddafea11-fd15-4f80-98db-516f3c1e12f6_au&cv=&us_privacy=1---&_t=1672707081079
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame CCDB 43 B
502 B 333ms
245ms Image
image/gif 35.76.241.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=ddafea11-fd15-4f80-98db-516f3c1e12f6_au&_tid=ddafea11-fd15-4f80-98db-516f3c1e12f6&gdpr_consent=&us_privacy=1---&_t=1672707081079
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.241.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-241-249.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CCDB 0
336 B 275ms
273ms Image
text/plain 52.41.136.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=ddafea11-fd15-4f80-98db-516f3c1e12f6_au&gdpr_consent=&us_privacy=1---&_t=1672707081079
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=43054&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=bcf392ac-4829-4c08-9215-e019bf9d56ff&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&us_privacy=1---&1672707080069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n016-pdx-prod.krxd.net
date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1672707081
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CCDB
Redirect Chain

https://sync.teads.tv/um?fp=1&eid=3&google_nid=teadstv_ab&uid=&vid=ddafea11-fd15-4f80-98db-516f3c1e12f6&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

170 B
188 B

194ms
194ms

Image
image/png

142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---

Requested by

Protocol

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:21 GMT
server: akka-http/10.2.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhZmVhMTEtZmQxNS00ZjgwLTk4ZGItNTE2ZjNjMWUxMmY2&us_privacy=1---
cache-control: max-age=0, no-cache, no-store
content-length: 204
expires: Tue, 03 Jan 2023 00:51:21 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A8DE 0
861 B 347ms
347ms Script
text/html 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 00:51:21 GMT
AN-X-Request-Uuid: 37b187eb-9893-4457-8fc3-26f0935130aa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.33; 173.245.209.33; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 09EA 0
128 B 304ms
296ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5E14 2 KB
2 KB 197ms
196ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4722765&p=160262&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4453da70ec8f26edf6875232f607bddcdbf122f4b815a7d5db1e35a620ed504a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 03 Jan 2023 00:51:22 GMT
content-length: 1954
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 84E1 35 B
467 B 491ms
488ms Document
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 03 Jan 2023 00:51:22 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 2629
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yfcabol3t2g
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8906080515655609534
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

308ms
308ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Tue, 03 Jan 2023 00:51:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:22 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame CA29
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8906080515655609534&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

308ms
308ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:22 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame BC66
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pGQWeaU0RHy_YkN49GFZfvZgFX-_bkMp9DUJEAvp
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

309ms
308ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:22 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 0AAD
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

310ms
309ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:22 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame A5BF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rxNhPhd2TIF2k8KJYh9dt6310SE
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

309ms
308ms

Document
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Tue, 03 Jan 2023 00:51:22 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK send Show response
sync-dsp.ad-m.asia/dsp/api/sync/ Frame B2A3 43 B
243 B 1276ms
325ms Document
image/gif 220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Tue, 03 Jan 2023 00:51:23 GMT
Pragma: no-cache
Server: nginx
expires: -1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 99EE
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6tf9rMKEC5266ec2C3yzYw

42 B
296 B

311ms
310ms

Document
image/gif

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6tf9rMKEC5266ec2C3yzYw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Tue, 03 Jan 2023 00:51:23 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6tf9rMKEC5266ec2C3yzYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 0973 43 B
368 B 440ms
230ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Tue, 03 Jan 2023 00:51:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5E14
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=325a63b3-7c07-4a00-adb9-d2776229436f

0
128 B

297ms
297ms

Image
text/plain

103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=325a63b3-7c07-4a00-adb9-d2776229436f
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 03 Jan 2023 00:51:22 GMT
Server: MT3 277 3f0ad7a master nrt-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=325a63b3-7c07-4a00-adb9-d2776229436f
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 03 Jan 2023 00:51:21 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 5E14
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=80279269-0739-4625-9396-96E627874FEF
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJxyDqTd55chhQTjf5P9HV4&google_cver=1

42 B
60 B

275ms
275ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJxyDqTd55chhQTjf5P9HV4&google_cver=1
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJxyDqTd55chhQTjf5P9HV4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 5E14
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8148565974731273334&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
43 B

308ms
307ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 03 Jan 2023 00:51:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 5E14
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f606ee6459f20c2&is_secure=true&networkId=17100&version=1&nuid=80279269-0739-4625-9396-96E627874FEF&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJoC_CWi79IwNgjJY8AAAAAAA&expiration=1672793482&nuid=80279269-0739-4625-9396-96E627874FEF&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
43 B

307ms
307ms

Image
text/plain

103.231.98.197
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: edition.cnn.com
URL: https://edition.cnn.com/2022/12/29/business/jeffrey-epstein-jpmorgan-virgin-islands/index.html
Protocol: H2
Server: 103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Tue, 03 Jan 2023 00:51:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 2023-01-03 Show response
production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/ 2 KB
876 B 308ms
308ms Fetch
application/json 65.8.11.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.dataviz.cnn.io/markets/index/DJII-USA,SP500-CME,COMP-USA/2023-01-03
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.11.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-11-129.kul50.r.cloudfront.net
Software: uvicorn /
Resource Hash: 076cca9d50fa9aa02b5302178344f7b0316e5c7ccbaaa03769d0856cfe5d2649

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:20 GMT
content-encoding: gzip
via: 1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: KUL50-C2
age: 3
etag: W/-6100010198451334376
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-api-cache: Hit
cache-control: max-age=5
x-amz-cf-id: pqWUMxgEqmJ28UtXrq94U2__OD_GXYruOzUhAH_aI0J-fUW7hKX-xQ==
expires: Tue, 03 Jan 2023 00:51:25 GMT

GET
H2 200 current Show response
production.dataviz.cnn.io/index/fearandgreed/ 236 B
588 B 314ms
314ms Fetch
application/json 65.8.11.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production.dataviz.cnn.io/index/fearandgreed/current
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.11.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-11-129.kul50.r.cloudfront.net
Software: uvicorn /
Resource Hash: 2d9b902e90fce9ec57f1e4adc6560e8bb2bb7d5bf327699c02082d0d255b008b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:23 GMT
via: 1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: KUL50-C2
age: 4
etag: W/2111243889785622538
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-api-cache: Hit
cache-control: max-age=5
content-length: 236
x-amz-cf-id: sWBQVEzbuX-4mKdAWD6k5MaQ7V9ADP2ySPtprEfFCw_xyQg-BjblOQ==
expires: Tue, 03 Jan 2023 00:51:24 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 485ms
191ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/c15ddde9-ec7d-4a49-b8ca-7a21bc4b943b/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 Jan 2023 00:51:24 GMT
content-length: 0
vary: Origin

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5E14 0
128 B 298ms
297ms Script
text/plain 103.231.98.195
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160262&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
72 B 231ms
192ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/cnn-beacon.min.js?affiliateId=276894
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edition.cnn.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 Jan 2023 00:51:24 GMT
content-length: 0
vary: Origin

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 590ms
205ms XHR
application/json 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

7df832e900b1c20088a9fb4ea825daff0d8f1f67d2166e8cbe5295665228824f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11195
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B027 15 KB
6 KB 928ms
309ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=edition.cnn.com

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edition.cnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 00:51:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 694450
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 493ms
192ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://edition.cnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 00:51:25 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame B027 425 B
550 B 311ms
310ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=cnn.com&sn=ChromeSyncframe&so=0&topUrl=edition.cnn.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=edition.cnn.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

67616a24cabe31ea4d574d0afc55f047096c8c09b1d9726ee6f2b429b2d88733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=edition.cnn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 00:51:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1636015
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD43 13 KB
5 KB 193ms
190ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d2uap9jskdzp2.cloudfront.net
URL: https://d2uap9jskdzp2.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS