urlscan.io logo urlscan.io
SecurityTrails logo

www.newsweek.com Open in urlscan Pro
99.83.219.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966#:~:text=The%20suspect%2...
Effective URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Submission: On November 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 13 countries across 101 domains to perform 647 HTTP transactions. The main IP is 99.83.219.100, located in United States and belongs to AMAZON-02, US. The main domain is www.newsweek.com.
TLS certificate: Issued by Amazon on June 21st 2021. Valid for: a year.
This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 99.83.219.100 16509 (AMAZON-02)
45 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.186.42 16509 (AMAZON-02)
6 142.250.185.130 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 13.224.198.4 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
5 35.190.72.161 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
2 34.206.115.172 14618 (AMAZON-AES)
13 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 4 13.225.78.101 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
5 13.225.78.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.190.36.172 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
2 3.226.53.204 14618 (AMAZON-AES)
1 2.16.186.19 20940 (AKAMAI-ASN1)
1 2.16.186.18 20940 (AKAMAI-ASN1)
20 104.19.133.78 13335 (CLOUDFLAR...)
1 23.23.108.37 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
22 2.16.186.10 20940 (AKAMAI-ASN1)
3 13.224.186.84 16509 (AMAZON-02)
3 2.16.186.34 20940 (AKAMAI-ASN1)
6 13.224.186.53 16509 (AMAZON-02)
6 107.23.223.65 14618 (AMAZON-AES)
16 13.225.78.18 16509 (AMAZON-02)
3 205.185.216.10 20446 (HIGHWINDS3)
8 2.18.233.180 16625 (AKAMAI-AS)
2 5 185.94.180.126 35220 (SPOTX-AMS)
2 35.244.174.68 15169 (GOOGLE)
5 104.244.42.200 13414 (TWITTER)
29 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 52.59.79.223 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
6 2600:9000:21f... 16509 (AMAZON-02)
12 213.174.135.1 39572 (ADVANCEDH...)
5 6 37.157.5.142 198622 (ADFORM)
2 2 213.155.156.169 1299 (TWELVE99 ...)
1 24 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 151.101.66.49 54113 (FASTLY)
4 7 52.49.53.128 16509 (AMAZON-02)
13 15 142.250.186.98 15169 (GOOGLE)
1 1 162.55.6.210 24940 (HETZNER-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 216.52.31.73 29791 (VOXEL-DOT...)
3 3 213.19.147.44 26120 (RHYTHMONE)
6 10 15.197.193.217 16509 (AMAZON-02)
1 1 195.5.165.20 44968 (IPROM-AS)
2 2 87.98.242.60 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.8 398989 (DEEPINTENT)
5 5 185.29.132.241 30419 (MEDIAMATH...)
4 198.47.127.20 3257 (GTT-BACKB...)
3 4 51.79.83.225 16276 (OVH)
2 2 54.194.226.253 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
2 4 169.50.137.184 36351 (SOFTLAYER)
4 4 185.33.221.89 29990 (ASN-APPNEX)
1 1 3.126.56.137 16509 (AMAZON-02)
3 2a00:1288:110... 34010 (YAHOO-IRD)
3 3 2620:116:800d... 16509 (AMAZON-02)
11 11 18.197.219.57 16509 (AMAZON-02)
1 1 52.57.216.146 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 2001:678:cb4:... 56396 (AMOBEE)
4 4 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
2 2 185.33.221.15 29990 (ASN-APPNEX)
1 34.254.143.235 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
16 34.239.242.184 14618 (AMAZON-AES)
5 2a06:8640:476... 55081 (24SHELLS)
2 213.174.135.2 39572 (ADVANCEDH...)
2 54.243.44.20 14618 (AMAZON-AES)
4 209.58.175.20 59253 (LEASEWEB-...)
1 108.128.238.12 16509 (AMAZON-02)
1 2 208.92.55.233 13360 (TRITONDIG...)
1 2.16.186.9 20940 (AKAMAI-ASN1)
2 192.132.33.46 18568 (BIDTELLECT)
2 2606:2800:134... 15133 (EDGECAST)
2 13.224.186.129 16509 (AMAZON-02)
2 15 2.18.234.21 16625 (AKAMAI-AS)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
4 34.237.48.88 14618 (AMAZON-AES)
12 18.233.199.60 14618 (AMAZON-AES)
2 185.64.189.111 62713 (AS-PUBMATIC)
1 2 34.248.112.127 16509 (AMAZON-02)
20 184.31.84.150 16625 (AKAMAI-AS)
24 185.94.180.124 35220 (SPOTX-AMS)
26 185.64.189.112 62713 (AS-PUBMATIC)
5 59 34.98.64.218 15169 (GOOGLE)
1 2 209.54.180.3 16509 (AMAZON-02)
1 2 52.45.237.203 14618 (AMAZON-AES)
17 2a02:fa8:8806... 41041 (VCLK-EU-SE)
7 208.80.55.87 13360 (TRITONDIG...)
30 104.19.132.78 13335 (CLOUDFLAR...)
3 69.173.144.139 26667 (RUBICONPR...)
2 2 35.212.212.222 15169 (GOOGLE)
1 104.19.217.61 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.137.107 201081 (SMARTADSE...)
2 2 54.246.208.198 16509 (AMAZON-02)
1 104.16.199.73 13335 (CLOUDFLAR...)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 4 35.186.253.211 15169 (GOOGLE)
5 5 18.196.197.61 16509 (AMAZON-02)
2 2 54.36.172.109 16276 (OVH)
1 34.98.67.61 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 52.4.236.19 14618 (AMAZON-AES)
1 192.173.28.145 13360 (TRITONDIG...)
1 51.178.20.140 16276 (OVH)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
1 38.27.122.101 174 (COGENT-174)
1 1 54.81.207.173 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2 54.236.81.149 14618 (AMAZON-AES)
1 1 3.227.93.166 14618 (AMAZON-AES)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 13.224.186.114 16509 (AMAZON-02)
2 18.207.50.145 14618 (AMAZON-AES)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 54.159.124.237 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
647 116
1    99.83.219.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4fb2973ac9c49f88.awsglobalaccelerator.com
www.newsweek.com
45    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
g.newsweek.com
d.newsweek.com
gc.newsweek.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    13.224.186.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-42.fra2.r.cloudfront.net
ats.rlcdn.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:20eb:6e00:8:bd4:5580:21 (United States)

ASN16509 (AMAZON-02, US)
d275im4r3zngba.cloudfront.net
3    2600:9000:20eb:4200:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    35.186.195.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.195.186.35.bc.googleusercontent.com
query.fqtag.com
1    2600:9000:21f3:1800:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
5    35.190.72.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
fqtag.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    34.206.115.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-115-172.compute-1.amazonaws.com
myaccount.newsweek.com
stats.newsweek.com
13    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:20eb:1e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.190.36.172 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
2    2600:9000:20eb:5200:1b:d3ea:d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
vendors.privacymanager.io
2    3.226.53.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-53-204.compute-1.amazonaws.com
trinitymedia.ai
1    2.16.186.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com
recirculation.spot.im
1    2.16.186.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
launcher.spot.im
20    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    23.23.108.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-108-37.compute-1.amazonaws.com
ping.chartbeat.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
recommendationengine.googleapis.com
fonts.googleapis.com
22    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
api-2-0.spot.im
3    13.224.186.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-84.fra2.r.cloudfront.net
pix.spot.im
direct-events-collector.spot.im
3    2.16.186.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-34.deploy.static.akamaitechnologies.com
publisher-assets.spot.im
6    13.224.186.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-53.fra2.r.cloudfront.net
pix.spot.im
events-collector.spot.im
6    107.23.223.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-223-65.compute-1.amazonaws.com
metrics-logger.spot.im
16    13.225.78.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-18.fra2.r.cloudfront.net
cmp-consent-tool.privacymanager.io
3    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
vd.trinitymedia.ai
8    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
5    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
29    2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-cdn.spot.im
4    52.59.79.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-79-223.eu-central-1.compute.amazonaws.com
depart.trinitymedia.ai
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2600:9000:21f3:f000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
12    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
p.safeservingcdn.com
player.adtelligent.com
6    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
24    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    52.49.53.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
15    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de
csync.loopme.me
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    216.52.31.73 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: sjc-delivery-7.sys.adgear.com
cm.adgrx.com
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
10    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
4    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh
pixel.onaudience.com
2    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
4    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
11    18.197.219.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-57.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.57.216.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-216-146.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    34.254.143.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-235.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
16    34.239.242.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-242-184.compute-1.amazonaws.com
track1.aniview.com
5    2a06:8640:476:0:ec4:7aff:fe7e:de5e (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.getadcdn.com
2    54.243.44.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-44-20.compute-1.amazonaws.com
go1.aniview.com
4    209.58.175.20 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ghb.adtelligent.com
1    108.128.238.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-238-12.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
2    208.92.55.233 (Canada)

ASN13360 (TRITONDIGITAL, CA)
playerservices.live.streamtheworld.com
1    2.16.186.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-9.deploy.static.akamaitechnologies.com
images.spot.im
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
2    13.224.186.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-129.fra2.r.cloudfront.net
delivery-cdn-cf.adswizz.com
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    34.237.48.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-48-88.compute-1.amazonaws.com
sync.aniview.com
12    18.233.199.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-199-60.compute-1.amazonaws.com
s2s.aniview.com
2    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
2    34.248.112.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-112-127.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
20    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
24    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
26    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
59    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
spot-im-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.45.237.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-237-203.compute-1.amazonaws.com
um2.eqads.com
17    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
7    208.80.55.87 (Canada)

ASN13360 (TRITONDIGITAL, CA)
yield-op-idsync.live.streamtheworld.com
30    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    54.246.208.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    18.196.197.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    54.36.172.109 (France)

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl
ws.rqtrk.eu
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    52.4.236.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-236-19.compute-1.amazonaws.com
rtb.adentifi.com
1    192.173.28.145 (Canada)

ASN13360 (TRITONDIGITAL, CA)
cmod.live.streamtheworld.com
1    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    54.236.81.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com
a.audrte.com
1    3.227.93.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-93-166.compute-1.amazonaws.com
sync.ipredictive.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    13.224.186.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-114.fra2.r.cloudfront.net
api.pushnami.com
2    18.207.50.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-50-145.compute-1.amazonaws.com
trc.pushnami.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.159.124.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-124-237.compute-1.amazonaws.com
psp.pushnami.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
72 spot.im
recirculation.spot.im
launcher.spot.im
api-2-0.spot.im
pix.spot.im
direct-events-collector.spot.im
publisher-assets.spot.im
events-collector.spot.im
metrics-logger.spot.im
static-cdn.spot.im
images.spot.im
687 KB
67 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
hbopenbid.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
69 KB
63 openx.net
spot-im-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
14 KB
50 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
883 KB
48 newsweek.com
www.newsweek.com
g.newsweek.com
d.newsweek.com
myaccount.newsweek.com
gc.newsweek.com
video.newsweek.com Failed
stats.newsweek.com
746 KB
40 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
s2s.aniview.com
447 KB
31 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
16 KB
29 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
30 KB
27 privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
vendors.privacymanager.io
cmp-consent-tool.privacymanager.io
512 KB
22 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
429 KB
18 dotomi.com
pubmatic-match.dotomi.com
web.hb.ad.cpe.dotomi.com
7 KB
18 twitter.com
platform.twitter.com
syndication.twitter.com
440 KB
11 adtelligent.com
s.adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com Failed
9 KB
11 bidswitch.net
x.bidswitch.net
5 KB
11 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
45 KB
10 streamtheworld.com
playerservices.live.streamtheworld.com
yield-op-idsync.live.streamtheworld.com
cmod.live.streamtheworld.com
9 KB
10 adsrvr.org
match.adsrvr.org
4 KB
10 googleapis.com
imasdk.googleapis.com
recommendationengine.googleapis.com
fonts.googleapis.com
319 KB
9 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
22 KB
9 trinitymedia.ai
trinitymedia.ai
vd.trinitymedia.ai
depart.trinitymedia.ai
237 KB
8 spotim.market
sync.spotim.market Failed
player.spotim.market
hb.spotim.market Failed
344 KB
8 fqtag.com
query.fqtag.com
fqtag.com
cdn.fqtag.com
181 KB
7 pushnami.com
api.pushnami.com
trc.pushnami.com
psp.pushnami.com
100 KB
7 bidr.io
match.prod.bidr.io
3 KB
6 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
6 adform.net
c1.adform.net
3 KB
6 geoedge.be
rumcdn.geoedge.be
292 KB
5 w55c.net
pm.w55c.net
4 KB
5 adswizz.com
synchrobox.adswizz.com
delivery-cdn-cf.adswizz.com
synchroscript.deliveryengine.adswizz.com
21 KB
5 mathtag.com
sync.mathtag.com
3 KB
4 indexww.com
js-sec.indexww.com
6 KB
4 sitescout.com
pixel-sync.sitescout.com
1 KB
4 turn.com
ad.turn.com
2 KB
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
1 KB
4 simpli.fi
um.simpli.fi
2 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
1003 B
3 google-analytics.com
www.google-analytics.com
20 KB
3 rlcdn.com
ats.rlcdn.com
di.rlcdn.com
58 KB
2 facebook.com
www.facebook.com
403 B
2 facebook.net
connect.facebook.net
114 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 rqtrk.eu
ws.rqtrk.eu
1 KB
2 360yield.com
ad.360yield.com
613 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 zeotap.com
mwzeom.zeotap.com
627 B
2 creativecdn.com
creativecdn.com
687 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
759 B
2 eqads.com
um2.eqads.com
563 B
2 twimg.com
cdn.syndication.twimg.com
pbs.twimg.com
5 KB
2 bttrack.com
bttrack.com
760 B
2 getadcdn.com
p.getadcdn.com
12 KB
2 safeservingcdn.com
p.safeservingcdn.com
12 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 exelator.com
loada.exelator.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 erne.co
green.erne.co
496 B
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 clean.gg
i.clean.gg
104 B
1 cloudflare.com
cdnjs.cloudflare.com
4 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 stackadapt.com
sync.srv.stackadapt.com
649 B
1 bnmla.com
match.bnmla.com
114 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 adentifi.com
rtb.adentifi.com
88 B
1 acuityplatform.com
ums.acuityplatform.com
707 B
1 mookie1.com
odr.mookie1.com
324 B
1 contextweb.com
bh.contextweb.com
496 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 smartadserver.com
ssbsync.smartadserver.com
347 B
1 4dex.io
mp.4dex.io
477 B
1 lentainform.com
cm.lentainform.com
495 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
433 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
322 B
1 deepintent.com
match.deepintent.com
44 B
1 iprom.net
core.iprom.net
517 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
915 B
1 loopme.me
csync.loopme.me
217 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 google.de
www.google.de
376 B
1 google.com
www.google.com
376 B
1 googlesyndication.com
pagead2.googlesyndication.com
13 KB
1 chartbeat.net
ping.chartbeat.net
201 B
1 2mdn.net
s0.2mdn.net
17 KB
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 chartbeat.com
static.chartbeat.com
14 KB
1 googletagmanager.com
www.googletagmanager.com
67 KB
1 cloudfront.net
d275im4r3zngba.cloudfront.net
38 KB
0 targetspot.com Failed
nodeny.targetspot.com Failed
647 101
Domain Requested by
41 spot-im-d.openx.net 5 redirects player.aniview.com
www.newsweek.com
30 s-img.mgid.com www.newsweek.com
jsc.mgid.com
29 static-cdn.spot.im www.newsweek.com
d275im4r3zngba.cloudfront.net
26 hbopenbid.pubmatic.com player.aniview.com
24 search.spotxchange.com player.aniview.com
22 api-2-0.spot.im d275im4r3zngba.cloudfront.net
22 d.newsweek.com www.newsweek.com
g.newsweek.com
22 g.newsweek.com www.newsweek.com
g.newsweek.com
d275im4r3zngba.cloudfront.net
20 htlb.casalemedia.com player.aniview.com
17 web.hb.ad.cpe.dotomi.com player.aniview.com
16 track1.aniview.com www.newsweek.com
player.aniview.com
16 simage2.pubmatic.com ads.pubmatic.com
16 cmp-consent-tool.privacymanager.io d275im4r3zngba.cloudfront.net
cmp-consent-tool.privacymanager.io
15 cm.g.doubleclick.net 13 redirects www.newsweek.com
u.openx.net
13 platform.twitter.com d275im4r3zngba.cloudfront.net
platform.twitter.com
12 s2s.aniview.com player.aniview.com
11 x.bidswitch.net 11 redirects
10 match.adsrvr.org 6 redirects ssum.casalemedia.com
u.openx.net
www.newsweek.com
9 c.amazon-adsystem.com www.newsweek.com
c.amazon-adsystem.com
8 eu-u.openx.net u.openx.net
8 cm.mgid.com d275im4r3zngba.cloudfront.net
www.newsweek.com
8 cdn.mgid.com www.newsweek.com
d275im4r3zngba.cloudfront.net
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
8 player.spotim.market www.newsweek.com
player.spotim.market
8 ads.pubmatic.com d275im4r3zngba.cloudfront.net
ads.pubmatic.com
www.newsweek.com
7 yield-op-idsync.live.streamtheworld.com playerservices.live.streamtheworld.com
www.newsweek.com
7 match.prod.bidr.io 4 redirects ads.pubmatic.com
u.openx.net
7 fonts.googleapis.com www.newsweek.com
static-cdn.spot.im
vd.trinitymedia.ai
d275im4r3zngba.cloudfront.net
client
7 pix.spot.im d275im4r3zngba.cloudfront.net
launcher.spot.im
6 us-u.openx.net u.openx.net
6 player.aniview.com d275im4r3zngba.cloudfront.net
www.newsweek.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 rumcdn.geoedge.be d275im4r3zngba.cloudfront.net
www.newsweek.com
6 metrics-logger.spot.im d275im4r3zngba.cloudfront.net
6 securepubads.g.doubleclick.net www.newsweek.com
d275im4r3zngba.cloudfront.net
5 pm.w55c.net 5 redirects
5 ssum-sec.casalemedia.com ssum.casalemedia.com
js-sec.indexww.com
5 s.adtelligent.com www.newsweek.com
d275im4r3zngba.cloudfront.net
5 sync.mathtag.com 5 redirects
5 syndication.twitter.com platform.twitter.com
www.newsweek.com
5 sync.search.spotxchange.com 2 redirects www.newsweek.com
5 geo.privacymanager.io d275im4r3zngba.cloudfront.net
5 fqtag.com www.newsweek.com
cdn.fqtag.com
d275im4r3zngba.cloudfront.net
4 rtb.openx.net 2 redirects u.openx.net
4 u.openx.net www.newsweek.com
4 js-sec.indexww.com www.newsweek.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
um2.eqads.com
4 sync.aniview.com www.newsweek.com
ssum.casalemedia.com
4 eus.rubiconproject.com www.newsweek.com
eus.rubiconproject.com
d275im4r3zngba.cloudfront.net
4 ghb.adtelligent.com p.safeservingcdn.com
p.getadcdn.com
4 pixel-sync.sitescout.com 4 redirects
4 ad.turn.com 4 redirects
4 ib.adnxs.com 4 redirects
4 um.simpli.fi 2 redirects ads.pubmatic.com
ssum.casalemedia.com
4 pixel.onaudience.com 3 redirects ads.pubmatic.com
4 depart.trinitymedia.ai d275im4r3zngba.cloudfront.net
vd.trinitymedia.ai
4 sb.scorecardresearch.com 2 redirects www.newsweek.com
3 api.pushnami.com d275im4r3zngba.cloudfront.net
3 pixel.quantserve.com 3 redirects
3 pr-bh.ybp.yahoo.com ads.pubmatic.com
u.openx.net
3 sync-tm.everesttech.net 2 redirects ssum.casalemedia.com
3 vd.trinitymedia.ai d275im4r3zngba.cloudfront.net
trinitymedia.ai
3 publisher-assets.spot.im d275im4r3zngba.cloudfront.net
www.newsweek.com
3 www.google-analytics.com d275im4r3zngba.cloudfront.net
www.newsweek.com
www.google-analytics.com
3 gdpr-wrapper.privacymanager.io www.newsweek.com
d275im4r3zngba.cloudfront.net
cmp-consent-tool.privacymanager.io
2 psp.pushnami.com d275im4r3zngba.cloudfront.net
2 www.facebook.com
2 trc.pushnami.com d275im4r3zngba.cloudfront.net
2 connect.facebook.net d275im4r3zngba.cloudfront.net
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 ws.rqtrk.eu 2 redirects
2 ad.360yield.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 mwzeom.zeotap.com www.newsweek.com
ads.pubmatic.com
2 creativecdn.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 token.rubiconproject.com www.newsweek.com
eus.rubiconproject.com
2 simage4.pubmatic.com ads.pubmatic.com
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 synchroscript.deliveryengine.adswizz.com 1 redirects delivery-cdn-cf.adswizz.com
2 vid.pubmatic.com player.aniview.com
2 secure-assets.rubiconproject.com 2 redirects
2 ssum.casalemedia.com 1 redirects www.newsweek.com
2 delivery-cdn-cf.adswizz.com vd.trinitymedia.ai
synchroscript.deliveryengine.adswizz.com
2 bttrack.com s.adtelligent.com
2 playerservices.live.streamtheworld.com 1 redirects www.newsweek.com
2 go1.aniview.com player.aniview.com
2 player.adtelligent.com player.spotim.market
2 p.getadcdn.com www.newsweek.com
p.getadcdn.com
2 p.safeservingcdn.com www.newsweek.com
p.safeservingcdn.com
2 fonts.gstatic.com fonts.googleapis.com
2 secure.adnxs.com 2 redirects
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 green.erne.co 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 di.rlcdn.com www.newsweek.com
2 jsc.mgid.com www.newsweek.com
2 trinitymedia.ai d275im4r3zngba.cloudfront.net
2 vendors.privacymanager.io d275im4r3zngba.cloudfront.net
2 cdn.fqtag.com d275im4r3zngba.cloudfront.net
2 i.clean.gg d275im4r3zngba.cloudfront.net
2 imasdk.googleapis.com www.newsweek.com
d275im4r3zngba.cloudfront.net
1 cdnjs.cloudflare.com d275im4r3zngba.cloudfront.net
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 gu.dyntrk.com www.newsweek.com
1 cmod.live.streamtheworld.com www.newsweek.com
1 rtb.adentifi.com www.newsweek.com
1 ums.acuityplatform.com 1 redirects
1 odr.mookie1.com www.newsweek.com
1 bh.contextweb.com 1 redirects
1 cm.idealmedia.io www.newsweek.com
1 pixel.rubiconproject.com www.newsweek.com
1 ssbsync.smartadserver.com 1 redirects
1 mp.4dex.io www.newsweek.com
1 cm.lentainform.com www.newsweek.com
1 servicer.mgid.com d275im4r3zngba.cloudfront.net
1 c.mgid.com d275im4r3zngba.cloudfront.net
1 pbs.twimg.com www.newsweek.com
1 cdn.syndication.twimg.com platform.twitter.com
1 images.spot.im www.newsweek.com
1 synchrobox.adswizz.com vd.trinitymedia.ai
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 events-collector.spot.im d275im4r3zngba.cloudfront.net
1 direct-events-collector.spot.im launcher.spot.im
1 recommendationengine.googleapis.com www.newsweek.com
1 www.google.de www.newsweek.com
1 www.google.com www.newsweek.com
1 stats.newsweek.com d275im4r3zngba.cloudfront.net
1 pagead2.googlesyndication.com srcdoc
1 stats.g.doubleclick.net www.google-analytics.com
1 ping.chartbeat.net www.newsweek.com
1 launcher.spot.im d275im4r3zngba.cloudfront.net
1 recirculation.spot.im d275im4r3zngba.cloudfront.net
1 s0.2mdn.net d275im4r3zngba.cloudfront.net
1 gc.newsweek.com d275im4r3zngba.cloudfront.net
1 secure.cdn.fastclick.net d275im4r3zngba.cloudfront.net
1 static.chartbeat.com d275im4r3zngba.cloudfront.net
1 myaccount.newsweek.com g.newsweek.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 query.fqtag.com www.newsweek.com
1 www.googletagmanager.com www.newsweek.com
1 d275im4r3zngba.cloudfront.net www.newsweek.com
1 ats.rlcdn.com www.newsweek.com
1 www.newsweek.com www.newsweek.com
0 nodeny.targetspot.com Failed www.newsweek.com
0 sync.adtelligent.com Failed s.adtelligent.com
0 hb.spotim.market Failed player.spotim.market
0 sync.spotim.market Failed www.newsweek.com
ads.pubmatic.com
0 video.newsweek.com Failed www.newsweek.com
647 176
Subject Issuer Validity Valid
*.newsweek.com
Amazon		 2021-06-21 -
2022-07-20		 a year crt.sh
g.newsweek.com
R3		 2021-11-13 -
2022-02-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.fqtag.com
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
d.newsweek.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
newsweek.com
Amazon		 2020-12-29 -
2022-01-27		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
gc.newsweek.com
R3		 2021-11-12 -
2022-02-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
trinitymedia.ai
Sectigo ECC Domain Validation Secure Server CA		 2020-12-15 -
2021-12-15		 a year crt.sh
spot.im
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.spot.im
DigiCert SHA2 Secure Server CA		 2021-10-04 -
2022-10-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
vd.trinitymedia.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-12-15 -
2021-12-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
depart.trinitymedia.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-12-28 -
2021-12-28		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
gw.geoedge.be
Amazon		 2021-10-13 -
2022-11-10		 a year crt.sh
*.spotim.market
ZeroSSL RSA Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-02		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
p.safeservingcdn.com
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
p.getadcdn.com
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.adswizz.com
Amazon		 2021-08-21 -
2022-09-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.live.streamtheworld.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2022-05-10		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh

This page contains 70 frames:

Primary Page: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Frame ID: 79578038098F8948180EFECA86FB9487
Requests: 388 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: E1053D79E849B92DC5FA2461C4B675CB
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/n/e/newsweek.com.734388.js?t=2021101312
Frame ID: D673D6A766FC611312D53205BE901C53
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.newsweek.com
Frame ID: 9518AAADD2A372B67410C91FF5826EED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BA59CA639918D9B5BD18E741FA5C98FE
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 5AC5187C0BB834274AAF1E4F303CF834
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 610ABD32A138A724E3870D594C251C03
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Frame ID: CA85331666B56D9899A4A5013605F25E
Requests: 1 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&unitId=2601060880&userId=10531018-3866-43aa-8db6-53be8c16dd4c&isLegacyBrowser=false&version=20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2&useCFCDN=0&themeId=140
Frame ID: 5D5904ADADE947C06AA3EE29F449C983
Requests: 23 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 6FC1F28C1E02E47CAB6A948CCABA2B67
Requests: 12 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: D2303BA762EC8BC97A572D40D334DC2B
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Frame ID: 558D86B85F655A5C0884F8528BAF59C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5023303151511653049
Frame ID: 95094BA9F3ACB0DBC0D62DCAC1CF148D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 12896C6A8BFE7D3DD668AD076C1AFB04
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030031783265892502
Frame ID: E5DB85D6FA2BFB661E1660D10DB223D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY_wqQAEOa-dogBR&gdpr=0&gdpr_consent=&_test=YY_wqQAEOa-dogBR
Frame ID: 285ED3B4B74012FF7953F2B70B71097C
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 9462274F784F80B1FB9C199CF308E2C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: ACC452E61B8CE5060D6AC50E4DFBCE8E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 505885B63A8475F8D05931AE7B85FFB9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 92A2482C209B91D25099B575AC3CDCBE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
Frame ID: BC246E6114AB6BBC1FB1FA6C0219C6D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=55814649584895
Frame ID: CB3D228D08B1399E7BCD8493C76B9F2B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XaiZl4WjbSGlhM0ClR0qXz2x
Frame ID: DC999B6DFB02965DE22C3DCF821F1708
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C07B0FF71F5227927270BB3EB1BBBBA3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1DC88F22F6FAA8539C85FFCEB35D0C31
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Frame ID: E45A4BACC44AF48956271C363E0F9941
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Frame ID: 0F9D17625079EEB8B2586157EF814AE4
Requests: 16 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: 014EEC9F2100350C8B0B0F112A36EF21
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=654586
Frame ID: 4A0C18D2513780AD214E40F65F9F6842
Requests: 2 HTTP requests in this frame

Frame: https://p.safeservingcdn.com/prebidlink/18944/j.html?i=11598
Frame ID: 793FF2BD39E2A2443CA67587EDE269EA
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: CCDD2259AA47787277369A176E2F4AE5
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=654586
Frame ID: 4AC5E558B63A129F72C2A189FA500900
Requests: 2 HTTP requests in this frame

Frame: https://p.getadcdn.com/prebidlink/18944/j.html?i=11601
Frame ID: DCDABBB93B6BFCD9E43685B7DD549C50
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 5141D12A80051CAAE1F344CCF5747E51
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 40C72408372D24D52B82B316D718847C
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Frame ID: B89E445F4D3C8400355836B30CC353F2
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 8004F52963D10431E6DDBD6061FD913D
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=55&key=7652432736333484131
Frame ID: 41E6CC46720C19A4E80BC626374055B2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=2&key=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Frame ID: 00406394AC694C4AA5878000F46202D0
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Frame ID: 25235CA7D396F52D200E4259C05D9E8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 774CD7931ABCB50EA7E4EB7DF231787B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D1%26key%3D
Frame ID: D2BE815C11BC86BAD3D68E39F1F9B734
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: FAE7CC442876AD77FC3F10B962A1072F
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: CABE97FAFB5CE8A9535EF69A904E23F4
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1636806828086627336872
Frame ID: 0F700ED76835EDC08FDA84783DCEAAC2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 8CF9CCACFB82BDFD94504537BCC3E1FF
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 7B2C233F8BDF6AFAA2A457FB77155269
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Frame ID: 84B0EA5C5004ABCBC01A06E2A46651CB
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5550CE20FD46C96C0DB961A907EF2135
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Frame ID: E6633BDF4E094946D9590726968DB54C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EC593F4DF5385CCE3A9D7F6D6507EFE3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4B4F4035EA9D3F8258C559616B8C7B99
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 85DBDF59AB3CFD35B6449BCCEB307385
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Frame ID: D802E764D40A4B34C0C0595C479B4DF9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Frame ID: 48265449D79EFB0B2C5764DFEDED4D9E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1CF0FEE8AA700A72019BB96C5D8C5ED6
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: EC1EE2D78136CF7A6F410146B2C96615
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CE71BD0298532A5366292D57D9355BF9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B735E06CF4F25451903F7439978801A6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B02770AE1238273DBC2B6959333579FF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1618C838EB8BD1AF357415D08176DFA9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5BAFCA4DC75EA47A99140DC9414CE04F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5B8D4A55132AA293A584AC3B2D59DA99
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 77A0AA00DDA79F64C1CEFB656CCA1639
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: EBCC9CBC21F18D94AD50F10C1FDA676A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LjRkZnva1MLSe85&gdpr=0&gdpr_consent=
Frame ID: 10DCCCF2600484D2C6A9737C7554C425
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC16BD8812594D63B2B9EA6DEEC5A06C
Frame ID: B8ACAABD620E8DC6A7A2BFBADDFFD248
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=So-YXIF7Rb1uAbJtKWXtUFvHdkg
Frame ID: 82BDD7D01742AA598BC2D83FC158053A
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 84669FE3445E03169F6678BD0CF350CF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 13F5BCBA3CE225772EED43B88E9D6CDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FBI Email System Reportedly Hacked to Send Fake DHS Cyberattack Messages

Page Statistics

647
Requests

85 %
HTTPS

23 %
IPv6

101
Domains

176
Subdomains

116
IPs

13
Countries

6319 kB
Transfer

20672 kB
Size

158
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&c9=
Request Chain 122
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7652432736333484131
Request Chain 123
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=f15a8c34-447d-11ec-89bf-14f0ef8b0406
Request Chain 124
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf157655a-447d-11ec-8f6a-02b4e0b7a90e HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf157655a-447d-11ec-8f6a-02b4e0b7a90e&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-nBsut8FE2uHQCtbGE5dmYbdVxvLWfBcg~A~UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
Request Chain 125
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=f15a8ddf-447d-11ec-88db-186cd56e0506 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Request Chain 172
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Request Chain 173
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5023303151511653049
Request Chain 175
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030031783265892502
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YY_wqQAEOa-dogBR HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY_wqQAEOa-dogBR&gdpr=0&gdpr_consent=&_test=YY_wqQAEOa-dogBR
Request Chain 177
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGS2RrN0RIMkVBQUNtbEctN2M0dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 178
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 181
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5148039591 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5148039591 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/df68f151-ab4d-403f-9f99-5ef5e520a685 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-550987c7-3be2-4f4b-b182-16307aaa3443-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-550987c7-3be2-4f4b-b182-16307aaa3443-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
Request Chain 182
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=55814649584895
Request Chain 183
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XaiZl4WjbSGlhM0ClR0qXz2x
Request Chain 184
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6KNBPrA5Rl26rU2sQbBZFA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6KNBPrA5Rl26rU2sQbBZFA%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 188
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=37b3618f-b0a9-4000-bde0-8190339c62d1
Request Chain 189
  • https://pixel.onaudience.com/?partner=214&mapped=E8A3413E-B039-465D-BAAD-4DAC41B05914 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4a03b1560606725037a1ef00fd5a29c HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=df68f151-ab4d-403f-9f99-5ef5e520a685&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9211cc3ed059bf1acbbcb99efaca1297
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThBMzQxM0UtQjAzOS00NjVELUJBQUQtNERBQzQxQjA1OTE0&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThBMzQxM0UtQjAzOS00NjVELUJBQUQtNERBQzQxQjA1OTE0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELsC0JqqipN6JlWTxLSOEhI&google_cver=1
Request Chain 193
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d337618f-b0a9-4000-804c-2a0da40c5b92&gdpr=0&gdpr_consent=
Request Chain 194
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6227458662698629402
Request Chain 195
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df68f151-ab4d-403f-9f99-5ef5e520a685
Request Chain 196
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7652432736333484131&gdpr=0&gdpr_consent=
Request Chain 197
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z65lbNlE2uUsXl18cPfPw5l17qhze6s-~A&gdpr=0&gdpr_consent=
Request Chain 199
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_2daa2267-df23-45b9-8bcc-56333d1b2257&bsw_param=aedfd784-7c69-4ba6-a150-35f267800208&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 202
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3878890920847137775&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 203
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 204
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8a041eef-95b8-41a7-8c43-4863e3b33ce0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 205
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7652432736333484131
Request Chain 298
  • https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423 HTTP 302
  • https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423&bounce=true
Request Chain 300
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 301
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 317
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Request Chain 318
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 319
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=55&key=7652432736333484131
Request Chain 320
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=2&key=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Request Chain 321
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Request Chain 326
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 332
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
Request Chain 333
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 334
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 335
  • https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 352
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&dcc=t
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY.wqxjwO3d87n6xxUDOxAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGpxxnf19RKxZi2WNy82lYM&google_cver=1&gdpr=1&google_hm=2
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPPzA50Xg8d6VRCS12yIi3I&google_cver=1
Request Chain 357
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639398827
Request Chain 358
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 361
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 372
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
Request Chain 373
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Request Chain 374
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Request Chain 375
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Request Chain 376
  • https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253 HTTP 302
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Request Chain 447
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 449
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=ed3fc32a-1ee4-48c6-b18d-8d0449b3c158
Request Chain 451
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=R3Ih0TYimkeiWqiJQpMi&pi=mgid&tc=1
Request Chain 452
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=ladM0btP5Rx4 HTTP 302
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Request Chain 453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=df68f151-ab4d-403f-9f99-5ef5e520a685&ttl=1639398828
Request Chain 455
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=ladM0btP5Rx4 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2044897065896456539&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 456
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=XaiZl4WjbSGlhM0ClR0qXz2x&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Request Chain 457
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=9b3313a6-e6bf-4ef0-978d-055bd6ef2df0
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFkTTBidFA1Ung0&muidn=ladM0btP5Rx4 HTTP 302
  • https://cm.mgid.com/google?muidn=ladM0btP5Rx4&google_ula={guid},5&google_gid=CAESEEjExcwGFxMy4-xjLm61woo&google_cver=1
Request Chain 488
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFKdk7DH2EAACmlG-7c4w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 489
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Request Chain 490
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
Request Chain 491
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
Request Chain 494
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFKdk7DH2EAACmlG-7c4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAFKdk7DH2EAACmlG-7c4w&pid=558502&do=add
Request Chain 495
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Request Chain 496
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
Request Chain 497
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
Request Chain 502
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 503
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=QW6B0bGQiZqCAQ2YlAFGjw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 505
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Request Chain 506
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Request Chain 507
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Request Chain 508
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 509
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=QW6B0bGQiZqCAQ2YlAFGjw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 511
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Request Chain 513
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Request Chain 516
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=7652432736333484131&pubId=28113
Request Chain 518
  • https://x.bidswitch.net/sync?ssp=triton&stn=T_I_M HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aedfd784-7c69-4ba6-a150-35f267800208&ssp=triton&gdpr=&gdpr_consent=
Request Chain 520
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=45010bbee659c47fc5a3cef2f41b7944&pubId=28113
Request Chain 521
  • https://ums.acuityplatform.com/tum?umid=133&uid=f7914556-1b99-4301-8bca-4a7ca386e87b&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=622165913475&pubId=28113
Request Chain 523
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=d337618f-b0a9-4000-804c-2a0da40c5b92&pubId=28113
Request Chain 524
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=cto&uid=no-consent&pubId=28113
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=T_I_M HTTP 302
  • https://cmod.live.streamtheworld.com/cookiesync/pixel.gif?partner=dbm&uid=CAESECu_9824IzXmMKCNnw5Fd60&stn=T_I_M&google_cver=1
Request Chain 527
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D28113 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3878890920847137775&pubId=28113
Request Chain 530
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 532
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LjRkZnva1MLSe85&gdpr=0&gdpr_consent=
Request Chain 533
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC16BD8812594D63B2B9EA6DEEC5A06C
Request Chain 534
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=So-YXIF7Rb1uAbJtKWXtUFvHdkg
Request Chain 535
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8A3413E-B039-465D-BAAD-4DAC41B05914&addseg=19,36,42
Request Chain 536
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 538
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E8A3413E-B039-465D-BAAD-4DAC41B05914 HTTP 302
  • https://a.audrte.com/p
Request Chain 539
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f3c3aacb-447d-11ec-9781-7194727bb9b2&gdpr=0&gdpr_consent=
Request Chain 544
  • https://sb.scorecardresearch.com/c2/6972086/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

647 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
www.newsweek.com/ 		228 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4fb2973ac9c49f88.awsglobalaccelerator.com
Software
/
Resource Hash
bc239d6547dbb8200bc536bb57c6021eb12d93eb8c8ec785059534cd71f1da2f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-type
text/html; charset=UTF-8
content-length
51836
cache-control
public, max-age=3600
vary
Accept-Encoding
content-encoding
gzip
x-b
V6.3-1 web1
age
1998
x-cache
hit cached
x-cache-hits
149
x-forwarded-for
91.199.118.72
x-ua-device
desktop
x-debug
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
accept-ranges
bytes
robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:24:02 GMT
server
Apache
etag
"1635179042"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds015.ml1.hn,1636806823.cds217.ml1.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:37 GMT
server
Apache
etag
"1613382577"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds015.ml1.hn,1636806823.cds022.ml1.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
20051
Genericons.woff2
g.newsweek.com/www/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/Genericons.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Sat, 20 Feb 2021 07:01:41 GMT
server
Apache
etag
"1613804501"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds015.ml1.hn,1636806823.cds024.ml1.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
10711
btf.css
g.newsweek.com/sys/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/btf.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d9c2502c20756ad4e93fa04c37dfd7e8e11fa44cb2fd32f33231d496b8cb493d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds207.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1230
btf_article.css
g.newsweek.com/sys/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/btf_article.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
9a7d43fb69c7d6aa3963384c2e2c75b4effa00916db86c0d5f155896243d3ed9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds219.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
7771
editor.css
g.newsweek.com/sys/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/editor.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
0e053801f5ad997ee119aa361de6af141f95d529dda51ffd9881efd7a28e0160
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds223.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
5056
more_slideshows_inline.css
g.newsweek.com/sys/css/ 		788 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/more_slideshows_inline.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds015.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
412
in_text_slideshows_inline.css
g.newsweek.com/sys/css/ 		1 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/in_text_slideshows_inline.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds012.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
431
f975cb2dee59c2867351daea194bffe3.css
g.newsweek.com/sys/css/ 		62 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/css/f975cb2dee59c2867351daea194bffe3.css?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
687d152ab8d45cbb766fb71b9c0fd9d14c9f19fdbb0fa250b8663f2a0ff726b2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:23:11 GMT
server
Apache
etag
"1636752191"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds006.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
14805
07bba1a9c30c8f01d28d980808d6b064.js
g.newsweek.com/sys/js/ 		620 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
90d12e4fe02622058f8601a9907aedb266e0a16d613d24122c6ddef19281369f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:23:11 GMT
server
Apache
etag
"1636752191"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds214.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
176616
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
clear
content-length
125138
x-xss-protection
0
expires
Sat, 13 Nov 2021 12:33:43 GMT
0de03fe31c255c3b42735734054fef19.js
g.newsweek.com/sys/js/ 		135 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
706140393e998e0f826da74293261c79caa5cee0100f4ab00312d3ab7267d199
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds033.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
43385
ats.js
ats.rlcdn.com/ 		185 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
sCfIJpeEYSsr1Erp9JPQ5XALijjlTltt
content-encoding
br
etag
W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age
40137
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6a2bb6c4-0bf5-4773-8a36-cefcec4742e6
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
014263e4dda4020061af64b081a8e627
last-modified
Fri, 05 Nov 2021 09:22:31 GMT
server
AmazonS3
date
Sat, 13 Nov 2021 01:24:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
4ad1795a3ae6c6b7b8c516c7d218d3ef7f69c9d8f4459e5652ddcd4b5ef110bd
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-type
application/x-javascript
x-amz-cf-id
JTtqNVutHS7UiJlekm1h9ZDBtJ75KrIt0_KpkWmycsRPl62fZY7fsQ==
prebid.js
g.newsweek.com/www/js/ 		446 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/js/prebid.js?v=6.1.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
de05b8db19b9e3d5e77196d517f5be875ab0a91d7eb005bfd6ef5fb9f500d933
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 08:17:54 GMT
server
Apache
etag
"1636618674"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds212.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
140233
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2231cc2675089160d0dc3639efe8205cca08f8cced8ab45178afcfb3bfc8df27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1042 / 31 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26737
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:43 GMT
script.js
d275im4r3zngba.cloudfront.net/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d275im4r3zngba.cloudfront.net/script.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6e00:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b143f93af30376885fd8fe5a3d6dbe0518ba634eab0434d14b89058c3fe9722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:25:01 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 17:01:24 GMT
server
AmazonS3
age
532
etag
W/"b6401b09ef748f6355694d9212ea6f8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
aOdUucJffDM5vZBCmviW7WbYkicUgipIdFaMbT6lwvNSuG-c7HI8WQ==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3823487585822362741e3a820aee8d41f4e0bf7a01a216543a3945f272c54f92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 17:12:15 GMT
content-encoding
gzip
age
69689
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Fri, 25 Jun 2021 02:19:19 GMT
server
AmazonS3
etag
W/"effa2e5aeb22e39ae73ac61f37975ffa"
vary
Accept-Encoding
x-amz-version-id
I4oBr1zmFWGytRGLrBfcfmF0JqHZib56
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-type
text/javascript
x-amz-cf-id
coTTHl6Si8TVezqc9lx4BfmhNI4eZr2UqJO-ilCreClB1S6-ojKAhA==
prebid.js
g.newsweek.com/www/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/js/prebid.js?v=6.1.0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 08:17:54 GMT
server
Apache
etag
"1636618674"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds015.ml1.hn,1636806823.cds212.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
140233
gtm.js
www.googletagmanager.com/ 		209 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9ae481dbf919991dab73fd3aeb7534daf1bcfcb2e5ee195ce9e3e07ea97b8e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
68509
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Nov 2021 12:33:43 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
880
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0KG6M0T6SG9EV15YJATM
date
Sat, 13 Nov 2021 12:19:33 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gAgwwyZ-sg0y0_aAH5-bhcHVch3jgwImgVPSadaUoEPB7z1QuSwFLw==
b
query.fqtag.com/ 		82 B
163 B 		Script
General
Check archive.org
Download Go to
Full URL
https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1636806823218&url=none&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.195.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.195.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
via
1.1 google
alt-svc
clear
content-length
82
83694e4b1e95c0ef591612ee7fe04d07.js
g.newsweek.com/sys/js/ 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/sys/js/83694e4b1e95c0ef591612ee7fe04d07.js?v=1636752057
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6120f0aad9f193337754eb88657ba07ff36b316c6d1b152095ae1340c89a646f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 21:21:34 GMT
server
Apache
etag
"1636752094"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds024.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
18623
icon-search-glass.svg
g.newsweek.com/www/images/ 		485 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/icon-search-glass.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 15:13:39 GMT
server
Apache
etag
"1629299619"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds220.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
293
flipboard_srrw.png
g.newsweek.com/img/home/ 		877 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/img/home/flipboard_srrw.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 22:46:11 GMT
server
Apache
etag
"1632264371"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds013.ml1.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
900
fbi-seal-pictured-washington-dc.webp
d.newsweek.com/en/full/1931915/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931915/fbi-seal-pictured-washington-dc.webp?w=790&f=d5d0d4c95f9f3ce610c7cb784c745f3f
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
9187af1b7e5239651f452112d72bc8e8a07ece15187d6b2c0eb2c928cfc014d5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
last-modified
Sat, 13 Nov 2021 11:38:20 GMT
server
Apache
x-cacheable
YES
etag
"1636803500"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds005.ml1.hn,1636806823.cds210.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
133634
gdpr.bundle.js
gdpr.privacymanager.io/1/ 		181 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1800:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
998e1202c2e488520a53e1d57ca8727b4949a877a7859b792b2e09c24478d91e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
wY1rZLt2mzpfvPXqN_NRKWTVo5oxVsjI
content-encoding
gzip
etag
W/"7876225da1c7c1879fbf776652cdff49"
age
1589
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:3523e2ba-d311-4d06-945a-1b6c9f385d00
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d86d21112f5a5c12c97d5a1168d27bb8
last-modified
Fri, 12 Nov 2021 13:06:33 GMT
server
AmazonS3
date
Sat, 13 Nov 2021 12:07:15 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
6dbe31d0c82f8860b85124ddd28c8c000f6ab3aa72ba5d09201eac47f121e1fe
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
P3u1qcmVo9g5-Q0z3CgAH0ZuYuDuzaT2yoZlypNRJvSB9tEigZxDtw==
implement-r.js
fqtag.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b0110b50fad062a88efcd31a58682cbda18141baef55c5967418db23117b0103
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:43 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2172
x-xss-protection
0
expires
0
twitter.svg
g.newsweek.com/www/img/ 		744 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/img/twitter.svg
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/css/editor.css?v=1636752057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
58baccb67ad903c46490adfc5aa6f2b33b749f10c1a381eb330d0f542a1811f4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g.newsweek.com/sys/css/editor.css?v=1636752057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 20:07:54 GMT
server
Apache
etag
"1611259674"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds208.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
454
opinion-headshot-bg.png
g.newsweek.com/www/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/opinion-headshot-bg.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:45 GMT
server
Apache
etag
"1613382585"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds003.ml1.c
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
4876
jason-rantz.webp
d.newsweek.com/en/full/1588751/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1588751/jason-rantz.webp?w=63&h=63&f=f8afd026e20e8ab3f6d6fa08c4efc72c
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
32d33d25df6d8dcf31a0373c5d302f9de5d6043c391c546cec40f5911a9936ea
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
last-modified
Mon, 23 Aug 2021 10:44:54 GMT
server
Apache
x-cacheable
YES
etag
"1629715494"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds005.ml1.hn,1636806823.cds026.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2190
config
c.amazon-adsystem.com/cdn/prod/ 		642 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
f94758f9d00a8640b643eb789a3718b8df478369c290c541f92923bc59b4f70e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 11:46:48 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
age
2814
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
content-length
642
x-amz-cf-id
lBdJ3W-CPgJC5g71Rtruzpp0bgTMaM1O2mm_E62oxkEG8Jzq9GUo7g==
config
c.amazon-adsystem.com/cdn/prod/ 		642 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
f94758f9d00a8640b643eb789a3718b8df478369c290c541f92923bc59b4f70e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 11:46:48 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
age
2814
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
content-length
642
x-amz-cf-id
xKURMLQHinUWpDsLV_y8m7oafNgLTx9Kd8QHj5vEhoroLAKoh0gztA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
34908
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Sat, 13 Nov 2021 03:01:18 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-EKbzL5OAV0l9Yy1ylognkWPwhzmPdoiFa6cgVlyzjtMg_fxANyNjw==
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 13 Nov 2021 12:33:43 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
logo-n1.svg
g.newsweek.com/www/images/ 		409 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/logo-n1.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:45 GMT
server
Apache
etag
"1613382585"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds001.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
294
free-sign-up.svg
g.newsweek.com/www/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/free-sign-up.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 02:16:20 GMT
server
Apache
etag
"1614737780"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds026.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
1332
web
myaccount.newsweek.com/authentication/ 		120 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myaccount.newsweek.com/authentication/web
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.115.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-115-172.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1c04e29b5adf55e84c5d3703381232577ef4e47400762f5d460de49312f3691f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
115
expires
Thu, 19 Nov 1981 08:52:00 GMT
check.svg
g.newsweek.com/www/images/ 		171 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.newsweek.com/www/images/check.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 20:02:18 GMT
server
Apache
etag
"1614888138"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds029.ml1.hn,1636806823.cds005.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
158
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/67D3)
Age
1165
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
home-opinion
d.newsweek.com/json/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/json/home-opinion?time=1636799539&te=1636752057
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
033f11d1ea409362f54133ff86a417a137a87b24caf87160fd6ddf162ac17fb3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:43 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 10:34:25 GMT
server
Apache
x-cacheable
YES
etag
"1636799665"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806823.cds026.ml1.hn,1636806823.cds221.ml1.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, public
accept-ranges
bytes
content-length
2250
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1957
date
Sat, 13 Nov 2021 12:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sat, 13 Nov 2021 14:01:06 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 10:46:00 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:27:20 GMT
server
nginx
age
6463
etag
W/"6179ee68-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
uyoUynLv-RmPLWeItP3X8zCrJw8d4bVL0clo4zCjId4evHzJDE0Gdg==
expires
Sat, 13 Nov 2021 12:46:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fww...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fw...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&c9=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
crbOEbZ2BtidnWtJcWcFVbdAw_e_ZvppCa3Kit5MtTZCzJ0UCw3yyw==

Redirect headers

date
Sat, 13 Nov 2021 12:33:43 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6972086&ns__t=1636806823505&ns_c=UTF-8&c8=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&c7=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&c9=
content-length
313
x-amz-cf-id
weom9CJvhXjpE79lmb6Hb03bZKOwbCb9sIDz2r1VMouPbKwHZhKbPg==
play-list
d.newsweek.com/widget/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/widget/play-list?nid=522857&items=4&v=11636752057
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
01a6652ff92be63a01941aedd79bc71a497d0f2a517811b0edaa119930ebfbee
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 23:13:02 GMT
server
Apache
x-cacheable
YES
etag
"1636758782"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds026.ml1.hn,1636806824.cds013.ml1.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000
accept-ranges
bytes
content-length
2606
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 13 Nov 2021 12:48:44 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&pid=j4LRMsThxACY7&cb=0&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
JK9S2BBXTAJXTVASGTQV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
L2rK0lVJA0veUxt_Dgg1LwKIVZv1mwiap5iVCpKkfGuldubq8z1hWw==
counter.js
gc.newsweek.com/front/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gc.newsweek.com/front/js/counter.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
a0b51ba25024fedcd9074066b464ec2dd88d655aa7d0821046ec3cc91dbc082a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 17:15:45 GMT
server
Apache
etag
"1620839745"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds013.ml1.hn,1636806824.cds215.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
873
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:32:42 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age
79262
x-amzn-requestid
dc614342-66e7-42b2-9f4a-e56d8974a366
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-618e7b0a-19fb14207502877c68594f74;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
IsgpoEQUjoEFl2Q=
content-length
30
x-amz-cf-id
MyD1bwHeUMKE5Hqh6MupvMjvfuJWuI4LEQXtu_f91tun6pK2kazR9A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:44 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:32:42 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age
79262
x-amzn-requestid
dc614342-66e7-42b2-9f4a-e56d8974a366
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-618e7b0a-19fb14207502877c68594f74;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
IsgpoEQUjoEFl2Q=
content-length
30
x-amz-cf-id
W8rHQurZWyytiRk3VC-HlM2zRrHeecfxek14WuCmFN2m3QDGLneLzg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 14:32:42 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age
79262
x-amzn-requestid
dc614342-66e7-42b2-9f4a-e56d8974a366
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-618e7b0a-19fb14207502877c68594f74;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
IsgpoEQUjoEFl2Q=
content-length
30
x-amz-cf-id
wQtJRTkfetfI7u3ukOyV2k-YnhxdtAZVHsqaYl-tYstyOOLY5p2Ldw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Fri, 12 Nov 2021 17:12:15 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-6o33wlRdT07KNejUG5-xjJJ2lCrjLLU3PP56qif8_QPP3NIxDPp7w==
age
69690
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sat, 13 Nov 2021 12:33:44 GMT
x-amzn-requestid
0ea292b8-fd93-432d-9e07-8ee452313e7e
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
IviKUFokjoEFrtw=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1 FRA2-C2
x-cache
Miss from cloudfront
x-amz-cf-id
upSiRF-GwbFkO_i5Rdr7noWcy-ZAEBrqI7Z2RUbOJ3BsunXorZIzxg==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ 		0
0
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Nov 2021 14:32:42 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age
79262
x-amzn-requestid
dc614342-66e7-42b2-9f4a-e56d8974a366
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-618e7b0a-19fb14207502877c68594f74;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
IsgpoEQUjoEFl2Q=
content-length
30
x-amz-cf-id
YETnpR4pRMq2I_MkGutZVuZaFACveDq66TT6irdKTOtYoQZ2w6OK8w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame E105 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Wed, 10 Nov 2021 22:24:04 GMT
expires
Thu, 10 Nov 2022 22:24:04 GMT
last-modified
Wed, 10 Nov 2021 22:20:22 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
223780
alt-svc
clear
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
clear
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Nov 2021 12:33:44 GMT
crime.webp
d.newsweek.com/en/full/1904511/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1904511/crime.webp?w=790&h=444&q=75&f=ea76d92bac9c4b4bd17f3f20e4d92e3d
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
61687d59dd436dab580ea9e5b0b4f39514976ec7cbc3bde85633654876e67c99
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Thu, 30 Sep 2021 09:14:48 GMT
server
Apache
x-cacheable
YES
etag
"1632993288"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds026.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
21246
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 11:45:07 GMT
age
2917
x-guploader-uploadid
ADPycduKYubNGqcjhhmtur7UhU0wMUH_Lp2L3BKDx0tmmOHieFBeY7WNYe3pZt9Njm-OQN0dzy77-uY1d9dEMabOuEjbYrMF9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:45:07 GMT
crime-by-the-numbers-1632931619.m3u8
video.newsweek.com/transcoder/480hls/2614/ 		0
0
vendor-list.json
vendors.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vendors.privacymanager.io/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5200:1b:d3ea:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Fri, 12 Nov 2021 17:12:16 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Hit from cloudfront
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
yvypKFFXIu2qwflL0xp9hPES0S6qALXAdEwTOiPwHgnE5F5qFeEXfA==
age
69689
vendor-list.json
vendors.privacymanager.io/ 		734 KB
98 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendors.privacymanager.io/vendor-list.json
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5200:1b:d3ea:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
471963b669d576ba53390b27f5f0bf67e4b119d2eb87b5f0611e6328a5361a83

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
kBwBUEA1QNY_ZANljqxrYGaveHZGbk4z
content-encoding
gzip
etag
W/"69e472f053bf9c666065303192cf2668"
age
1266
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 12 Nov 2021 17:00:25 GMT
server
AmazonS3
date
Sat, 13 Nov 2021 12:13:53 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
jXQo4YO6cA8OQhanjDuNWXiTUvUcD7-gJ_oVaGNEcBIDfjHFa0aVoA==
january-6-capitol-insurrection.jpg
d.newsweek.com/en/full/1931875/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931875/january-6-capitol-insurrection.jpg?w=300&h=180&f=016580e46b93d4afddcfc227b82a3f35
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
c41d80f7eb1b900d4e59c23708a2ed8b8b7d8d4a32085109872067ede671e7a0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Sat, 13 Nov 2021 11:36:46 GMT
server
Apache
x-cacheable
YES
etag
"1636803406"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds213.ml1.c
content-type
image/jpeg
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
13809
/
trinitymedia.ai/player/trinity/2601060880/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trinitymedia.ai/player/trinity/2601060880/?pageURL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.226.53.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-53-204.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7496e3f039bb97b38366c0800e71741c453757251648851ffd7a0cc5eab6fd57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
content-length
2043
sp_vNTS7w0J
recirculation.spot.im/spot/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://recirculation.spot.im/spot/sp_vNTS7w0J
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sp_vNTS7w0J
launcher.spot.im/spot/ 		487 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_vNTS7w0J
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-18.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
eb2574d70d5f0772a1db3af3aa2c6e35e9bdff473091d125459bc55bf6c71b7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
content-length
149785
expires
Sat, 13 Nov 2021 16:33:44 GMT
newsweek.com.734388.js
jsc.mgid.com/n/e/ Frame D673 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsweek.com.734388.js?t=2021101312
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c55439b5c46b610a8ad182c0189e0fb9041e76258e672b2c0c380467056991f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
br
cf-cache-status
HIT
age
2724
last-modified
Tue, 02 Nov 2021 12:54:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FMW264ZRM96X7R1T
x-amz-id-2
f1jG0gqtviC2K5en7g0Lp9SHjKK3B3erV6tYU1K8p4SIzkxKMjsRbtMs0zLZOR/L7mJNyEOHCS4=
cf-bgj
minify
server
cloudflare
etag
W/"d115abf7117f9ac47160ac43b2913f81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ad807bcdbcb42e1-FRA
expires
Sat, 13 Nov 2021 15:33:44 GMT
article-latest
d.newsweek.com/json/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/json/article-latest?time=1636803350&te=1636752057&size=11
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
a9fc35546d0197d065fb59e93ddd9d915fe05f7f96ba9131bed87672aa8a50e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 11:43:01 GMT
server
Apache
x-cacheable
YES
etag
"1636803781"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds026.ml1.hn,1636806824.cds202.ml1.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, public
accept-ranges
bytes
content-length
1147
article-editor
d.newsweek.com/json/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.newsweek.com/json/article-editor?time=1636803350&te=1636752057
Requested by
Host: g.newsweek.com
URL: https://g.newsweek.com/sys/js/0de03fe31c255c3b42735734054fef19.js?v=1636752057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
0b93c76e862c4698e9f493b9154680494cb2b736e5c5f0ee9f57f72422d2e140
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 11:43:03 GMT
server
Apache
x-cacheable
YES
etag
"1636803783"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds026.ml1.hn,1636806824.cds211.ml1.c
content-type
application/json
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, public
accept-ranges
bytes
content-length
1984
james-lynch.webp
d.newsweek.com/en/full/1915363/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1915363/james-lynch.webp?w=63&h=63&f=e9c124b31bd596cd3b43df1d650ed843
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
2f61970ee82fc1a77de3e31b33dac2f1f051d18c90ac175874f3fb738cc788c3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Tue, 19 Oct 2021 12:01:56 GMT
server
Apache
x-cacheable
YES
etag
"1634644916"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds221.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2072
sam-abrams.webp
d.newsweek.com/en/full/1931686/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931686/sam-abrams.webp?w=63&h=63&f=e7e3151e4f265fde7d75c5167cba9859
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
906757966bd332f90e4d66a8333d21b7e1b2d38a9590a56cbc64bbed859e5e8b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 20:09:05 GMT
server
Apache
x-cacheable
YES
etag
"1636747745"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds205.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2316
tony-allen-brian-sandoval.webp
d.newsweek.com/en/full/1931459/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931459/tony-allen-brian-sandoval.webp?w=63&h=63&f=6e99c8db199fe0bb82f4346f17d8c9e7
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
cb18fedde6067b1eec1601267e3cc897d5f21c505a3ae753d184b7d866cb08f0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 16:27:02 GMT
server
Apache
x-cacheable
YES
etag
"1636734422"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds214.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2248
daniel-r-depetris.webp
d.newsweek.com/en/full/1896095/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1896095/daniel-r-depetris.webp?w=63&h=63&f=5f46d837d716c0eab547f102eba5ff64
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
575d0cf263d704e24f5096cea99f9e9668833c419170835d030eb224684ddbb1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Thu, 16 Sep 2021 16:53:58 GMT
server
Apache
x-cacheable
YES
etag
"1631811238"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds031.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2060
ginger-cassady.webp
d.newsweek.com/en/full/1775142/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1775142/ginger-cassady.webp?w=63&h=63&f=74bba75a2755e75daeeaa4b1a71ba603
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
698fd87ecc735206c818d5a9459f045f62ce92ac90575993130389cb3461fdf2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 12:08:16 GMT
server
Apache
x-cacheable
YES
etag
"1636718896"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds019.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2062
josh-hammer.webp
d.newsweek.com/en/full/1646800/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1646800/josh-hammer.webp?w=63&h=63&f=cd14b8675c99d70b0e9c9d28906c5d29
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
5d998b8247e9380e64a822d26af8a738bc76edf381626cb64e45c4358f7825fc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Thu, 07 Jan 2021 18:01:21 GMT
server
Apache
x-cacheable
YES
etag
"1610042481"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds010.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=25920000, max-age=29030400, public
accept-ranges
bytes
content-length
2088
austin-stone.webp
d.newsweek.com/en/full/1930343/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1930343/austin-stone.webp?w=63&h=63&f=82d15c3cca6f3af48c97bee09a44651c
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f66c97d684875155618cb73deeea36588d952857e96eb1d9a28ae672a3cce7f3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 11:43:15 GMT
server
Apache
x-cacheable
YES
etag
"1636717395"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds014.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2060
boris-epshteyn.webp
d.newsweek.com/en/full/1599103/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1599103/boris-epshteyn.webp?w=63&h=63&f=5b8dd9234d26dac7d8b1d2628da59c83
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
156b3c84cd11fe2645859daf3f77742bb030a7c59d6e869406a94e50eab75ffc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 15 Oct 2021 19:28:32 GMT
server
Apache
x-cacheable
YES
etag
"1634326112"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds214.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2098
william-lambers.webp
d.newsweek.com/en/full/1779219/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1779219/william-lambers.webp?w=63&h=63&f=2db9e62651eccc1a07e2328a5bd23d61
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
98ada2f20ace30c628f3e5c2aeae635372ad2687dc9824a7c81b04a3375e1c22
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Thu, 09 Sep 2021 12:53:42 GMT
server
Apache
x-cacheable
YES
etag
"1631192022"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds219.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
2054
riggs-eckelberry.webp
d.newsweek.com/en/full/1903627/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1903627/riggs-eckelberry.webp?w=63&h=63&f=6717b98ca6cc012382abe93bc1d956b7
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
d63021a7579cb254773c59528d0fe1a2fce50b85b40f60eeeff867fab4f5fb2d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Mon, 08 Nov 2021 23:54:59 GMT
server
Apache
x-cacheable
YES
etag
"1636415699"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds219.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
1922
605f1415-12c7-4a19-a081-a35844c5ddf4
https://www.newsweek.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsweek.com/605f1415-12c7-4a19-a081-a35844c5ddf4
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9c5d42cd8dd7b93b1013d69255aaaeb2d49dc4119e2170cc39bc2a0d72155d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
5497
Content-Type
application/javascript
d05ea5ea-0a73-4269-971a-b973ac383be1
https://www.newsweek.com/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsweek.com/d05ea5ea-0a73-4269-971a-b973ac383be1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9bd241ee0c6d7556411a40fddfae7370f30035ef21360520f3270f2f07d20cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
78335
Content-Type
application/javascript
7a128223-b3ea-4706-b546-44759adffe98
https://www.newsweek.com/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsweek.com/7a128223-b3ea-4706-b546-44759adffe98
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9bd241ee0c6d7556411a40fddfae7370f30035ef21360520f3270f2f07d20cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
78335
Content-Type
application/javascript
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 9518 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.newsweek.com
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
305867
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Nov 2021 12:33:44 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6731)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&u=Bh6ZGDxyn0bi3ygX&d=newsweek.com&g=65968&g0=News&g1=Darragh%20Roche&n=1&f=00001&c=0&x=2675&m=2675&y=7804&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1283&t=DdrjZVB0gCjQCY4J1PKIFqGBRcNxn&V=129&i=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&tz=0&_acct=anon&sn=1&sv=C9HJlNDY_s9wiJf8RhU6KQDG9L_p&sd=1&im=067b0fff&_
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.108.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-108-37.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44450862-1&cid=1101406214.1636806824&jid=238528340&gjid=568217649&_gid=496113272.1636806824&_u=YGBAgUABAAAAAE~&z=1957789110
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 13 Nov 2021 12:33:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=930968790&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ul=en-us&de=UTF-8&dt=FBI%20Email%20System%20Reportedly%20Hacked%20to%20Send%20Fake%20DHS%20Cyberattack%20Messages&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=238528340&gjid=568217649&cid=1101406214.1636806824&tid=UA-44450862-1&_gid=496113272.1636806824&gtm=2wgba1TVS8NW5&cd1=Darragh%20Roche&cd2=News&cd3=&cd4=US&cd5=en&cd6=article&cd7=1648966&cd8=20211113&cd9=202111&cd10=newsweek.com%2Fnews%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=News%20%3E%20National%20News&cd18=related&cd19=web&cd20=14&cd21=7&cd22=article&cd23=web&cd24=N&cd25=FBI%2C%20Emails%2C%20Spam%2C%20Hacking&cd26=ndef&cd27=nonpromoted&cd28=Breaking%20News%20-%20LON&cd30=Y&cd31=4&cd32=7&cd33=ndef&cd34=anon&cd35=180&cd36=Direct&cd37=4g&cd38=web&cd40=Original&cd41=2&cd42=7&cd43=United%20States&cd44=N&cd45=N&cd46=0&z=755388753
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 13:17:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83771
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BA59 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 13 Nov 2021 13:15:21 GMT
nw_content_recirc_inline.css
g.newsweek.com/www/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/css/nw_content_recirc_inline.css
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
7834d77e08448c1971e67f0b3e0f1d9ae277579721183dbc8542fe29660427cb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 09:49:55 GMT
server
Apache
etag
"1613382595"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds029.ml1.hn,1636806824.cds033.ml1.c
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=25920000
accept-ranges
bytes
content-length
933
fury-gavin-newsom-extends-emergency-powers.webp
d.newsweek.com/en/full/1931846/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931846/fury-gavin-newsom-extends-emergency-powers.webp?w=300&h=200&f=21602577fec2262dd13bdbea57b6e5bb
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6ff1325c954b63a9f066a9e13d6d23da5f4de5e50f9dd6b9798fcd95a98510d9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Sat, 13 Nov 2021 10:53:45 GMT
server
Apache
x-cacheable
YES
etag
"1636800825"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds216.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
7628
seattle.webp
d.newsweek.com/en/full/1931685/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931685/seattle.webp?w=300&h=200&f=15024f692522f72e60c4ab169d622730
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
6117833ed26e2daea398326243a821955e5d8c6bc9aec8e213c0d4d5d5faf426
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 22:18:31 GMT
server
Apache
x-cacheable
YES
etag
"1636755511"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds211.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
6082
record-job-quits.webp
d.newsweek.com/en/full/1931473/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931473/record-job-quits.webp?w=300&h=200&f=84c24cdd1b5c416f0b78540d7c55bb4f
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
49c39bb14d7039f01f8daa925b12cf8b53877f6bb2fc36148e56ae69c7f964d5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 16:37:56 GMT
server
Apache
x-cacheable
YES
etag
"1636735076"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds012.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
8986
topshot-guatemala-mexico-el-salvador-us-migration.webp
d.newsweek.com/en/full/1931671/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.newsweek.com/en/full/1931671/topshot-guatemala-mexico-el-salvador-us-migration.webp?w=300&h=200&f=802926b78a42b5b1133fb5d31a55b10e
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache /
Resource Hash
f4951af9b05287d59d886f60e84cd4b31f27b413bda703594642a2feb54c3561
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
last-modified
Fri, 12 Nov 2021 23:09:51 GMT
server
Apache
x-cacheable
YES
etag
"1636758591"
strict-transport-security
max-age=86400; includeSubDomains
x-hw
1636806824.cds005.ml1.hn,1636806824.cds201.ml1.c
content-type
image/webp
access-control-allow-origin
*
x-cahce
HIT
cache-control
max-age=3600
accept-ranges
bytes
content-length
12856
article
stats.newsweek.com/counter/ 		14 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1648966&r_id=34735&c_id=104&c_url=&referer=&device=desktop&a_editor=1&c_country=DE&xz=5&c_uque=1&c_ruque=1&c_visits=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.115.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-115-172.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=25920000
strict-transport-security
max-age=86400; includeSubDomains
content-length
34
ga-audiences
www.google.com/ads/ 		42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44450862-1&cid=1101406214.1636806824&jid=238528340&_u=YGBAgUABAAAAAE~&z=591487468
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44450862-1&cid=1101406214.1636806824&jid=238528340&_u=YGBAgUABAAAAAE~&z=591487468
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userEvents:collect
recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/ 		7 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.1101406214.1636806824%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221648966%22%7D%5D%7D%7D&ets=1636806824406
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:44 GMT
x-content-type-options
nosniff
alt-svc
clear
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
vary
Origin, X-Origin, Referer
content-length
7
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
newsweek.com.734388.es6.js
jsc.mgid.com/n/e/ Frame D673 		237 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013461d432d37185d5ccd23051ec3c2ef851ea19824b7b40b20859b15553fed2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
br
cf-cache-status
HIT
age
2333
last-modified
Wed, 03 Nov 2021 14:52:53 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P9KQ5W3GXN1JFAQ3
x-amz-id-2
y3H0J8wo9MDh8UwFgpn8uSW+up53c2Zi2HxMMID5FIzc+C3Kkr+XCr3poB/U+9WQHWScfZduWkQ=
cf-bgj
minify
server
cloudflare
etag
W/"5a327beab1d4ba3328f339f0b7906e4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ad807bf28e742e1-FRA
expires
Sat, 13 Nov 2021 15:33:44 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vNTS7w0J/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vNTS7w0J/v2?platform=Desktop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-expose-headers
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:45 GMT
pixel
pix.spot.im/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI2OTY2NDFjYi0wOTU4LTRjZmUtOTUyOC0yYmQ1MmNlZDIzNDUiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cubmV3c3dlZWsuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2ZiaS1lbWFpbC1zeXN0ZW0tcmVwb3J0ZWRseS1oYWNrZWQtZmFrZS1kaHMtY3liZXJhdHRhY2stbWVzc2FnZXMtMTY0ODk2NiIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6MTMxOCwidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF92TlRTN3cwSiIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV9pZCI6InN0YXJ0IiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsInNlZ21lbnQiOnsiaWQiOiJvcGVud2ViX2xhdW5jaGVyOmNyaXRpY2FsX2Zsb3dfc3RhcnRfbWFya19rdnhzaXNyYS5yaWQifX0%3D&rnd=0.755009671291498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-84.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Sat, 13 Nov 2021 12:33:45 GMT
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
x-cache
Miss from cloudfront
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fHYvSG2fcmCTyT0DNzq5tKpv8kNe6N463ec36ReqZmc7Z3q_Iwqucg==
events
direct-events-collector.spot.im/api/v2/ 		0
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vNTS7w0J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-84.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA2-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
x-amz-cf-id
uMVuawAIDWDypGbf_1YWvXpnJfl9aXo3y5Xt_AKVr5BZYLUOkiv02Q==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
20
x-amz-cf-id
AFgLLrIzt5cwC1HS-mba9I0hyidyV9UeZoenSlYxKCWwnN4k709kZA==
expires
Mon, 14 Nov 2022 12:33:44 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vNTS7w0J/ 		55 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vNTS7w0J/v2?platform=Desktop
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
0d3c9be24dd2755dc74b547b2c7799f3a754c3b602be048af1b94dfb12a19b5e

Request headers

x-guid
null
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Referer
https://www.newsweek.com/
x-access-token
null

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
content-length
4032
x-request-id
f14018d2-447d-11ec-9762-76ce56206aff
access-control-expose-headers
pixel
pix.spot.im/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI2OTY2NDFjYi0wOTU4LTRjZmUtOTUyOC0yYmQ1MmNlZDIzNDUiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cubmV3c3dlZWsuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2ZiaS1lbWFpbC1zeXN0ZW0tcmVwb3J0ZWRseS1oYWNrZWQtZmFrZS1kaHMtY3liZXJhdHRhY2stbWVzc2FnZXMtMTY0ODk2NiIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6MTMyMywidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF92TlRTN3cwSiIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsIml0ZW1faWQiOiJlbmQiLCJzZWdtZW50Ijp7ImR1cmF0aW9uIjo1LjE5OTk5Njk0ODI0MjE4NzUsImlkIjoib3BlbndlYl9sYXVuY2hlcjpjcml0aWNhbF9mbG93X3N0YXJ0X21hcmtfa3Z4c2lzcmEucmlkIn19&rnd=0.39691184081410524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-84.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Sat, 13 Nov 2021 12:33:45 GMT
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
x-cache
Miss from cloudfront
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
7vLfjcVKEmWz1Tbs9blJFCzJAyOMudWkGlC4rdtUm_nivpHagWU5yQ==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
20
x-amz-cf-id
AFgLLrIzt5cwC1HS-mba9I0hyidyV9UeZoenSlYxKCWwnN4k709kZA==
expires
Mon, 14 Nov 2022 12:33:44 GMT
pixel
pix.spot.im/api/v1/ 		16 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI2OTY2NDFjYi0wOTU4LTRjZmUtOTUyOC0yYmQ1MmNlZDIzNDUiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cubmV3c3dlZWsuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2ZiaS1lbWFpbC1zeXN0ZW0tcmVwb3J0ZWRseS1oYWNrZWQtZmFrZS1kaHMtY3liZXJhdHRhY2stbWVzc2FnZXMtMTY0ODk2NiIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6MTMxOCwidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF92TlRTN3cwSiIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV9pZCI6InN0YXJ0IiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsInNlZ21lbnQiOnsiaWQiOiJvcGVud2ViX2xhdW5jaGVyOmNyaXRpY2FsX2Zsb3dfc3RhcnRfbWFya19rdnhzaXNyYS5yaWQifX0%3D&rnd=0.755009671291498
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://www.newsweek.com/
x-spotim-device-uuid
undefined
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA2-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
x-amz-cf-id
JhY2I4EtylZITsVoeik1_zKv04BcLrngxUA3TO2_cmAryYJh3_hvJw==
device_load
events-collector.spot.im/api/v1/ 		36 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
1b47d716e32c592a42fa54a2ddfd7654e63a0600bfe206d57524cc64f7e92061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA2-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
x-amz-cf-id
o2YBckRQ33VsxBSH6ITGkwiZuDjOnvXytLGxJ-tZ5QojwbZhwaDbiA==
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:45 GMT
content-length
0
pixel
pix.spot.im/api/v1/ 		16 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiI2OTY2NDFjYi0wOTU4LTRjZmUtOTUyOC0yYmQ1MmNlZDIzNDUiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cubmV3c3dlZWsuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubmV3c3dlZWsuY29tL2ZiaS1lbWFpbC1zeXN0ZW0tcmVwb3J0ZWRseS1oYWNrZWQtZmFrZS1kaHMtY3liZXJhdHRhY2stbWVzc2FnZXMtMTY0ODk2NiIsImxhbmciOiJlbi1VUyIsInNvdXJjZV92ZXJzaW9uIjoiIiwidGltZV9kZWx0YSI6MTMyMywidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF92TlRTN3cwSiIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsIml0ZW1faWQiOiJlbmQiLCJzZWdtZW50Ijp7ImR1cmF0aW9uIjo1LjE5OTk5Njk0ODI0MjE4NzUsImlkIjoib3BlbndlYl9sYXVuY2hlcjpjcml0aWNhbF9mbG93X3N0YXJ0X21hcmtfa3Z4c2lzcmEucmlkIn19&rnd=0.39691184081410524
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://www.newsweek.com/
x-spotim-device-uuid
undefined
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA2-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
x-amz-cf-id
FkcFAlLZIBTEakjS5yTOs7j-_IWJypUm8t9WTqWqPz7kL06F-VlWaQ==
pixel
fqtag.com/ 		0
10 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/pixel
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/html
last-modified
Wed, 03 Nov 2021 16:57:28 GMT
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-version-id
geR9VcPto9ZrTyc8lR76LnYjF.84V0rk
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
server
AmazonS3
content-encoding
gzip
date
Wed, 10 Nov 2021 16:57:46 GMT
cache-control
must-revalidate,public,max-age=604800
etag
W/"b8061b8850e21ea20dba03d10b1747ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
BuwSBdFzHRB3imNFzUfE3p2_h45VcVdkyknz3UefAIPZipSK0tJ7qw==
age
243360
pixel
fqtag.com/ 		0
10 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/pixel
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
trinity-injector-script.js
vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/ 		317 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-injector-script.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
d64f5a6026be5ebd4c55a874964e4c3f25afc298ac5a339b1dd8953a02609928

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 16:18:22 GMT
server
AmazonS3
x-amz-request-id
JEB45ASSQ88XF9J9
etag
"ca1614a88bb81602667bd2f34b2a6d6c"
x-hw
1636806825.dop025.ml1.t,1636806825.cds223.ml1.hn,1636806825.cds010.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49257
x-amz-id-2
GuekJUTsiTmMgNtGmR8PWFnhvyRFOHrdz5P7uFYPN6RrUaetG1ljnBJUO6mJ1k2g34I7pV/uqf0=
collect
www.google-analytics.com/ 		35 B
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Q4J0H.Ks_Ez3zjiL3qvVswHkoqdWlVFb
content-encoding
gzip
etag
W/"fc91ee31cf2e2dbba65546e19b425c59"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:22 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
HTxl7KApcythm8vghDCqCPdlsR_vbIn30kxtIgECZu-ED_-WFYlS0g==
openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ZQgzbNvK6yBWlAg75RpLPiNPAEIwRUgT
content-encoding
gzip
etag
W/"e0df7919fa5e82dca894ac73371effed"
age
243358
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:23 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
QszR7cgXZ_iLYLNgw-zIg0ECqswG393xjECTBrbnC0sx5uzt5C-s0g==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
UeZBtinKnsk_T4VKY2hzDHEAqDdhih89
content-encoding
gzip
etag
W/"5fe48064a68c5e51f208fb444eb5a84a"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:15 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
LVTCjJhMTGFGSUgWjY8GNrWxEoSoiyPVzPvXW7d-bJKl-yH0gE8Ulg==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
byq7CzsrLWMJkf6nw34a2fGsc.tcUSLx
content-encoding
gzip
etag
W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
age
243357
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:42 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:49 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
mpyh3ZYi2PM_oSZ-MYnudOhFjTpePq_BZqVAMUgeuHWlaaSUrVYluQ==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		783 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
2j_.vXoPyvwDDb4ynLwNmpn66fYCZZ6Z
content-encoding
gzip
etag
W/"83497fb39f19b4dfaaa958cf6d4558b1"
age
243360
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:14 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
S31_wmDXddklLVhVMAiSIHVb1OeL0aQcIrQu6DcrEFqL-oI-NkKKrQ==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
jN5hOIa64QLEbrAviNEOkXaPZMDkA9Ad
content-encoding
gzip
etag
W/"27781014aa851cefcddd28da172ef69d"
age
243360
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:21 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
OR5Ks82OXqAL7zM7vk5cvGgMhu2I1UZ_lUSOGH9i7YKvKOrfMLNKow==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 610A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38077
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:45 GMT
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=7652432736333484131
0
0
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=f15a8c34-447d-11ec-89bf-14f0ef8b0406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=f15a8c34-447d-11ec-89bf-14f0ef8b0406
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 13 Nov 2021 12:33:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 13 Nov 2021 12:33:45 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=f15a8c34-447d-11ec-89bf-14f0ef8b0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
101
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf157655a-447d-11ec-8f6a-02b4e0b7a90e&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-nBsut8FE2uHQCtbGE5dmYbdVxvLWfBcg~A~UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
0
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=f15a8ddf-447d...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
0
0
710530.gif
di.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 google
alt-svc
clear
content-length
0
settings
syndication.twitter.com/ Frame 9518 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.newsweek.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
107
date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 12:33:45 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
329188783e22c2b82dcada5456612a863acdbb9a4db7107549d632158d0dbc18
content-length
166
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
SRBN7EZifs4k4jHeuWovRjEVJuDKvXTo
content-encoding
gzip
etag
W/"ddb5e6d71b353c98624b1784c506f1ee"
age
243360
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:29 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
LQzsIAjMtry-NAQ4wDBrzwtp1Wh478Fs_z_x4pPjV_lHAGJ4kY8QJA==
article-1648966
api-2-0.spot.im/v1.0.0/config/ab_test/sp_vNTS7w0J/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_vNTS7w0J/article-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:45 GMT
article-1648966
api-2-0.spot.im/v1.0.0/config/ab_test/sp_vNTS7w0J/ 		108 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_vNTS7w0J/article-1648966
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
2dec0d4cc4bf29ce5d5e170ff7415ef8b71f1badbfc84b79b676d31794cc7c24

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
108
x-request-id
f17c4369-447d-11ec-a49b-3e58455a41ea
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v2.64.0/launcher/ 		3 KB
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.64.0/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
q.y4QcensYwiCY2pqsmgrKIXg6BEPwTz
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 08:29:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
etag
W/"7ddd342672200944b8560f7774dbd89b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
date
Sat, 13 Nov 2021 12:33:45 GMT
content-length
655
x-amz-cf-id
UpWv4ePQ5ozpLuEOqRd56BtZaVyyISMXTV8sjbFLPlgSbGu8lqvABQ==
expires
Mon, 14 Nov 2022 12:33:45 GMT
1.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/1.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c2CjoMquWHxKbd9Io77kR9aVpVWnDc7a
content-encoding
gzip
etag
W/"691cd2dc367f8dac19dff3b597dcae50"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:40 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
i0htjED01Uyf1-0vC7MxsojbkYHcGTz7CMAUDBslSj3GDxtlXAMLwQ==
18.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/18.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
537E_kzte8ZEh.oCgbB2I8LFusFRRwqm
content-encoding
gzip
etag
W/"e20412686af89b1b72195fc74ade66b4"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:10 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
8c7Hbkk63d5HRA__0_lxEWGpHJThNJ4Q7VZuj8nBAS_nqhpj_WVHSw==
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
1mqybNJj7fdtM2ydpCzxMae06gly9sGFm5rBKblvDGyVkrLo4INw2w==
expires
Mon, 14 Nov 2022 12:33:45 GMT
collect
depart.trinitymedia.ai/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
css2
fonts.googleapis.com/ Frame CA85 		2 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:05:08 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:45 GMT
trinity-player.php
trinitymedia.ai/player/ Frame 5D59 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&unitId=2601060880&userId=10531018-3866-43aa-8db6-53be8c16dd4c&isLegacyBrowser=false&version=20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2&useCFCDN=0&themeId=140
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.226.53.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-53-204.compute-1.amazonaws.com
Software
Apache /
Resource Hash
56163a085edb7b1777d2ffeb32b0be2b0ca68f487aae3146052f691c236f5be8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
text/html; charset=UTF-8
content-length
4086
server
Apache
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
partner
sync.search.spotxchange.com/ 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 13 Nov 2021 12:33:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 google
alt-svc
clear
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 610A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90648671&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cc3f6a45f20912b138b665ab775ff489de6fdb2f1773596b7bc05599e8dd5640

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 6FC1 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 11:55:11 GMT
content-encoding
br
last-modified
Sun, 20 Jun 2021 12:01:43 GMT
server
AmazonS3
age
2315
etag
W/"1f2e2e253216d7dc0988459b5390d3aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
E8tepMuZEI_lmCDKu37WY2.wC8UNRe39
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
CNwk7jcPFO_nwrNlIkvE-6Ef0Xmtopn6kxKtEruvN2btJpVO3nC9DA==
hb_270443_4020.js
player.spotim.market/prebidlink/454668/ Frame 6FC1 		399 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/hb_270443_4020.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
58410c9fac9040eca4c9f578eac2bea0b9b568369e3ceb70c77f74b05cb2741a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 12:48:42 GMT
server
nginx/1.18.0
etag
W/"618e62aa-63a0c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6FC1 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
017aa4f558f70fdc652bef9b0aba526204045ff2b4522fd983af3b4aa21fe7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1042 / 557 of 1000 / last-modified: 1636758378"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26699
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:45 GMT
wrapper_hb_270443_4020.js
player.spotim.market/prebidlink/454668/ Frame 6FC1 		955 B
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e0f07a16dd57415ba9b70ac1e804ddca8cdab57b1f83d58975ad92fc032cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:09 GMT
server
nginx/1.18.0
etag
W/"618e7945-3bb"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame D230 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 11:55:11 GMT
content-encoding
br
last-modified
Sun, 20 Jun 2021 12:01:43 GMT
server
AmazonS3
age
2315
etag
W/"1f2e2e253216d7dc0988459b5390d3aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
E8tepMuZEI_lmCDKu37WY2.wC8UNRe39
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
vTbJ7t2rCbBgWYFuO98rPGHX4DR-cvpj9lKRsN2DZ0uIrDSFpdNitQ==
hb_270443_4020.js
player.spotim.market/prebidlink/454668/ Frame D230 		399 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/hb_270443_4020.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
58410c9fac9040eca4c9f578eac2bea0b9b568369e3ceb70c77f74b05cb2741a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 12:48:42 GMT
server
nginx/1.18.0
etag
W/"618e62aa-63a0c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D230 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1042 / 993 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26742
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:45 GMT
wrapper_hb_270443_4020.js
player.spotim.market/prebidlink/454668/ Frame D230 		955 B
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e0f07a16dd57415ba9b70ac1e804ddca8cdab57b1f83d58975ad92fc032cd821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:09 GMT
server
nginx/1.18.0
etag
W/"618e7945-3bb"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:45 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
main-chunk.js
static-cdn.spot.im/production/ads/tags/v17.14.0-1-ie/ads/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v17.14.0-1-ie/ads/main-chunk.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
3f8a34538bbe9a958252846b40f70aa526eb00428dd94e0d0059d5fa38929748

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
4133
expires
Mon, 14 Nov 2022 12:33:45 GMT
48bf50ec-39d2-436d-8b85-013aae4bb387
https://www.newsweek.com/ 		0
0
48bf50ec-39d2-436d-8b85-013aae4bb387
https://www.newsweek.com/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&pid=j4LRMsThxACY7&cb=1&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-right2%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
ASKQ2JPDHSN50MH7GZVW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
cnbqnJB6dw5Af_BbMumHrpym9UF-rM3cEKd6SAaAhJMQdYL6uxv0aA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&pid=j4LRMsThxACY7&cb=2&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-right3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
JM8JNKVSGV6G14ERVEEF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
j-Fov9umx4-Kg64NWqZx5tU7iKacnR-e8ndZ-ZrFM4lIuDmy40Ypow==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&pid=j4LRMsThxACY7&cb=3&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-right4%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
PDRTQBPKN4T9TRVKBC6D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Md-ISUq4ZDcHGjDLiJ7JT2yems2g6h5dQW21Kldjt4ityDTrtjMR7w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&pid=j4LRMsThxACY7&cb=4&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-sticky%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
EKBFHH2MP81AHGDGD2AK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
776mEFb3D3pLulPM04YzEjTbUijYJ5e1lIsYr229RvMS-3x0vvui0w==
horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:52 GMT
Server
ECS (frb/67A7)
Age
305868
Etag
"8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2438
authenticate
api-2-0.spot.im/v1.0.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:45 GMT
vendor-bundle.js
static-cdn.spot.im/production/launcher/tags/v2.64.0/vendor/ 		283 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.64.0/vendor/vendor-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
ca41b626b0c40af7a0adedbf4119a770f01d932eb6681f5105a3aa3ff3966e17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
77122
expires
Mon, 14 Nov 2022 12:33:45 GMT
authenticate
api-2-0.spot.im/v1.0.0/ 		319 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
b4199385e38e1ef411e9dc7826935fd872a5f84b49089932493ae6b46747a001

Request headers

x-spot-id
sp_vNTS7w0J
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w
content-length
319
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f1c47233-447d-11ec-b768-16b8ac29bd25
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-networkid
net_newsweek
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/conversation-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
84142a73a37299b33f343e84b14e1803e7bd3f37445e694b3b7ed3d444c498bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
12498
expires
Mon, 14 Nov 2022 12:33:45 GMT
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.26.9/ 		386 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.26.9/popular-in-the-community.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
41740d49b8d1af86946eba82010374d6d774f6b2332531e6c2b82eb70aba2827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
85969
expires
Mon, 14 Nov 2022 12:33:45 GMT
spotlight.js
static-cdn.spot.im/production/spotlight/tags/v2.0.10/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/spotlight/tags/v2.0.10/spotlight.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
4dc82571bd8e2f29babe66f7eac465bef3e005d74e1956fc2175faa775d9f131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
2787
expires
Mon, 14 Nov 2022 12:33:45 GMT
sp_vNTS7w0J
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_vNTS7w0J
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:45 GMT
popular-in-the-community.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.26.9/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.26.9/popular-in-the-community.css
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
c4288ea598515bb42c621803902b970fa13ef30493867e8754f3732c56835b19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1958
expires
Mon, 14 Nov 2022 12:33:45 GMT
analytics-pusher.js
static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/analytics-pusher.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
a86fae43a94ac408aab297fba5dff884ac532d1a7ad7264d5243dbc92ba6a154

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3785
expires
Mon, 14 Nov 2022 12:33:45 GMT
ab-test-changer.js
static-cdn.spot.im/production/ab-test-changer/tags/v1.1.2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ab-test-changer/tags/v1.1.2/ab-test-changer.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
f695bd419cc1cc4959996d1441e57fb34dc4da7c4dd369d088fc9ed320069066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3038
expires
Mon, 14 Nov 2022 12:33:45 GMT
messages-count-bundle.js
static-cdn.spot.im/production/messages-count/tags/v1.0.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/messages-count/tags/v1.0.0/messages-count-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
8961431d93a9024ccb6d08a572aef6c75500f5edcfdab57ed669a0c1da9a839c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1036
expires
Mon, 14 Nov 2022 12:33:45 GMT
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:45 GMT
content-length
0
sp_vNTS7w0J
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_vNTS7w0J
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://www.newsweek.com/
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
25
x-request-id
f1c5782f-447d-11ec-9967-a28b752586dd
bloodyMary.css
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d656a62d00379daf3bbc8d0f465cd1a4dd061289996f2e3b39d6f55abd21f8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
OF7fJv8PAQd.fJtHb4FaMiPuUtrtcxEN
content-encoding
gzip
etag
W/"5e36871e7832edc3fdbfedcb84619a9f"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:42 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
9YlhNlJEMTZMfNH-HW5lsG24OFXbAebpVDjaPQ20Jylpg2loKvAbtg==
17.js
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		123 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/17.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 16:57:47 GMT
content-encoding
gzip
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
last-modified
Wed, 03 Nov 2021 16:57:35 GMT
server
AmazonS3
etag
W/"ab5247f9ceb22da2bab708700b3ce763"
vary
Accept-Encoding
x-amz-version-id
Nzo752rSZ3N2JQ.VhnW83ULgjrUBYKz4
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
TRAagW1Kt5cpOHFQOsXDLqTxPA3PnPv6hPelSEM1Ww4f5lAwNu8QOg==
match
c1.adform.net/serving/cookie/ Frame 558D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 9509
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5023303151511653049
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5023303151511653049
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug011:0:738
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5023303151511653049
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1289 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 13 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
657650
Pug
simage2.pubmatic.com/AdServer/ Frame E5DB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030031783265892502
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030031783265892502
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:397
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 13 Nov 2021 12:33:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7030031783265892502
Pug
simage2.pubmatic.com/AdServer/ Frame 285E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY_wqQAEOa-dogBR&gdpr=0&gdpr_consent=&_test=YY_wqQAEOa-dogBR
1 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY_wqQAEOa-dogBR&gdpr=0&gdpr_consent=&_test=YY_wqQAEOa-dogBR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug014:0:518
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY_wqQAEOa-dogBR&gdpr=0&gdpr_consent=&_test=YY_wqQAEOa-dogBR
accept-ranges
bytes
date
Sat, 13 Nov 2021 12:33:46 GMT
via
1.1 varnish
x-served-by
cache-fra19147-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1636806826.020724,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 9462
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGS2RrN0RIMkVBQUNtbEctN2M0dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 13 Nov 2021 12:33:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 13 Nov 2021 12:33:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame ACC4
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:44 GMT
content-type
text/html; charset=utf-8
x-lat
amspug018:2:238
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Sat, 13 Nov 2021 12:33:45 GMT
server
_
dpe
ad4m.at/ad/ Frame 5058 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ad807c5eae82bc6-FRA
bridge
cm.adgrx.com/ Frame 92A2 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.52.31.73 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
sjc-delivery-7.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
sjc-delivery-7
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame BC24
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5148039591
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5148039591
  • https://sync.1rx.io/usersync/tradedesk/df68f151-ab4d-403f-9f99-5ef5e520a685
  • https://sync.targeting.unrulymedia.com/csync/RX-550987c7-3be2-4f4b-b182-16307aaa3443-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug011:0:441
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
etag
RX550987c73be24f4bb18216307aaa3443003
Pug
simage2.pubmatic.com/AdServer/ Frame CB3D
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=55814649584895
42 B
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=55814649584895
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug015:0:504
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
komodo-2a4d98f76273@version_1.345v4
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=55814649584895
Content-Type
text/html; charset=utf-8
Content-Length
277
X-core-time
0ms
Date
Sat, 13 Nov 2021 12:33:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DC99
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XaiZl4WjbSGlhM0ClR0qXz2x
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XaiZl4WjbSGlhM0ClR0qXz2x
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 11:49:18 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0021:0:352
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 13 Nov 2021 12:33:45 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XaiZl4WjbSGlhM0ClR0qXz2x
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame C07B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ad807c72d8a6964-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
67
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ad807c5fa9d6964-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 1DC8 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 13 Nov 2021 12:33:45 GMT
server
b
csync
sync.spotim.market/ Frame E45A 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 610A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6KNBPrA5Rl26rU2sQbBZFA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6KNBPrA5Rl26rU2sQbBZFA%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38076
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 13 Nov 2021 23:08:22 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=37b3618f-b0a9-4000-bde0-8190339c62d1
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=37b3618f-b0a9-4000-bde0-8190339c62d1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 13 Nov 2021 12:33:45 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=37b3618f-b0a9-4000-bde0-8190339c62d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 12:33:44 GMT
/
pixel.onaudience.com/ Frame 610A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E8A3413E-B039-465D-BAAD-4DAC41B05914
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4a03b1560606725037a1ef00fd5a29c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=df68f151-ab4d-403f-9f99-5ef5e520a685&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9211cc3ed059bf1acbbcb99efaca1297
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9211cc3ed059bf1acbbcb99efaca1297
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Server
51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-5.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 13 Nov 2021 12:33:47 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9211cc3ed059bf1acbbcb99efaca1297
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThBMzQxM0UtQjAzOS00NjVELUJBQUQtNERBQzQxQjA1OTE0&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThBMzQxM0UtQjAzOS00NjVELUJBQUQtNERBQzQxQjA1OTE0&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:414
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELsC0JqqipN6JlWTxLSOEhI&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELsC0JqqipN6JlWTxLSOEhI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:489
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELsC0JqqipN6JlWTxLSOEhI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 610A 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 12 Nov 2021 12:33:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d337618f-b0a9-4000-804c-2a0da40c5b92&gdpr=0&gdpr_consent=
42 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d337618f-b0a9-4000-804c-2a0da40c5b92&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:352
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 13 Nov 2021 12:33:45 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d337618f-b0a9-4000-804c-2a0da40c5b92&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 12:33:44 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6227458662698629402
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6227458662698629402
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:539
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:45 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6227458662698629402
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df68f151-ab4d-403f-9f99-5ef5e520a685
42 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df68f151-ab4d-403f-9f99-5ef5e520a685
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df68f151-ab4d-403f-9f99-5ef5e520a685
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7652432736333484131&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7652432736333484131&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:45 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
81db71f9-8d08-444e-b066-7a0c8798bf87
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7652432736333484131&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z65lbNlE2uUsXl18cPfPw5l17qhze6s-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z65lbNlE2uUsXl18cPfPw5l17qhze6s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Z65lbNlE2uUsXl18cPfPw5l17qhze6s-~A&gdpr=0&gdpr_consent=
date
Sat, 13 Nov 2021 12:33:45 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
E8A3413E-B039-465D-BAAD-4DAC41B05914
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 610A 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E8A3413E-B039-465D-BAAD-4DAC41B05914?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY
42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_2daa2267-df23-45b9-8bcc-56333d1b2257&bsw_param=aedfd784-7c69-4ba6-a150-35f267800208&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&gdpr_pd=
1 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:435
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 13 Nov 2021 12:33:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 610A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E8A3413E-B039-465D-BAAD-4DAC41B05914&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3878890920847137775&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3878890920847137775&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:416
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3878890920847137775&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:515
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8a041eef-95b8-41a7-8c43-4863e3b33ce0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8a041eef-95b8-41a7-8c43-4863e3b33ce0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:470
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8a041eef-95b8-41a7-8c43-4863e3b33ce0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 13 Nov 2021 12:33:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 610A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7652432736333484131
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7652432736333484131
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:896
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:46 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f514fe46-a4d4-4c02-a570-bf21c9c90687
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7652432736333484131
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 610A 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-235.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
css
fonts.googleapis.com/ 		8 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.26.9/popular-in-the-community.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21778a3a131fbbf7366d7f69a3a8d97df1f7c7a186268cf20962468daeed07ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-cdn.spot.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:06:21 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:45 GMT
forbes-484fef5e39bd1f12260ad07d5cc3499d.js
vd.trinitymedia.ai/trinity-player/buttons/ Frame 5D59 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/buttons/forbes-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&unitId=2601060880&userId=10531018-3866-43aa-8db6-53be8c16dd4c&isLegacyBrowser=false&version=20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2&useCFCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
8dac2b2835fbb8662ea0e40961db6a2619f842405b9b3e2863daead031cc7484

Request headers

Referer
https://trinitymedia.ai/
Origin
https://trinitymedia.ai
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:54:40 GMT
server
AmazonS3
x-amz-request-id
B9C067RNGWPRFC9C
etag
"77d48f6d229d98fe91739a229affd5b5"
x-hw
1636806825.dop025.ml1.t,1636806825.cds223.ml1.hn,1636806825.cds207.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=49391
accept-ranges
bytes
content-length
793
x-amz-id-2
y6kEuROZgCMa7ylqTm62jQouICXgz3Y/M9rIOkRvSIx4HohlqXg4ZM8MpjRvVsPmDrB2c9YIC9w=
trinity-player.js
vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/ Frame 5D59 		1 MB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&unitId=2601060880&userId=10531018-3866-43aa-8db6-53be8c16dd4c&isLegacyBrowser=false&version=20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2&useCFCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
6b0e61208b6c7d8d00c555f2600fca6b806bec63dd35ee0344d523ba1dec999d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:45 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 16:18:22 GMT
server
AmazonS3
x-amz-request-id
1RAKX32QZYGXASGT
etag
"c203b9fd20338c828f3ece7c1b7171d1"
x-hw
1636806825.dop205.ml1.t,1636806825.cds224.ml1.hn,1636806825.cds018.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184118
x-amz-id-2
lZBvZrPSKUPPbAl5cWiQTtPBM9gSCo3KD0J9UKTuP9W5viDxLdrvktvo2zuybLFTY6iR7SMbFaI=
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 6FC1 		219 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81b32228173740d4c383980b671afc90e386a45e14c5959f8379e49b3b6dd73c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:25:11 GMT
content-encoding
br
last-modified
Sat, 13 Nov 2021 11:37:45 GMT
server
AmazonS3
age
515
etag
W/"d8af50a7e3db3a18eb037025daa0ab28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Ld_.O3xNRn20b890zBJEr946ZXG0pAHD
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
MqNb9cETeRUoPiirmFHVGJ7k4Ho1rfidPFWFuw1d09Cd_6OAI4PL7g==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame D230 		219 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81b32228173740d4c383980b671afc90e386a45e14c5959f8379e49b3b6dd73c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:25:11 GMT
content-encoding
br
last-modified
Sat, 13 Nov 2021 11:37:45 GMT
server
AmazonS3
age
515
etag
W/"d8af50a7e3db3a18eb037025daa0ab28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Ld_.O3xNRn20b890zBJEr946ZXG0pAHD
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
cDY_itza8aLUrVAnSkl5_vLpXRm5WrX0EULIRX3-TuiKNFdgOx4nGQ==
open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
fN3xHdSbyOFYARUnS3mJ9dAAf51TGBqH
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
etag
"ff9d619b59f5cb3529b100448f398ac5"
age
243359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
content-length
14440
last-modified
Wed, 03 Nov 2021 16:57:37 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:47 GMT
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
HFovQeqHRFc5JmVszw-nOhN6ARFb3_LC7WFumoMWQAN6PgB2l99AMg==
wrapper_hb_270443_4020.es6.js
player.spotim.market/prebidlink/454668/ Frame 6FC1 		297 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.es6.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
069201005cb27ac9084cff346dfe72d1a12ec3b431cf9c0b62c7b5c503db762e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:08 GMT
server
nginx/1.18.0
etag
W/"618e7944-4a460"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:46 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
wrapper_hb_270443_4020.es6.js
player.spotim.market/prebidlink/454668/ Frame D230 		297 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.es6.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
069201005cb27ac9084cff346dfe72d1a12ec3b431cf9c0b62c7b5c503db762e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:08 GMT
server
nginx/1.18.0
etag
W/"618e7944-4a460"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 13:33:46 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
81704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:52:02 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame D230 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:46 GMT
pubads_impl_2021111001.js
securepubads.g.doubleclick.net/gpt/ Frame 6FC1 		342 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
117754
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Nov 2021 12:33:46 GMT
article-1648966
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_vNTS7w0J/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_vNTS7w0J/article-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:46 GMT
pixels
pix.spot.im/api/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vNTS7w0J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
article-1648966
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_vNTS7w0J/ 		29 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_vNTS7w0J/article-1648966
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
a413824c1742577f86205bbf9affe15a3296667a9dfeee0e7e3d018a7b36729f

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
access-control-max-age
86400
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfZ3ZpSW9xQWV3bmh5IiwiZGlzcGxheV9uYW1lIjoiQmx1ZUNvYXRoYW5nZXIiLCJ1c2VyX25hbWUiOiJCbHVlQ29hdGhhbmdlciIsInJlZ2lzdGVyZWQiOmZhbHNlLCJpbWFnZV9pZCI6IiNCbHVlLUNvYXRoYW5nZXIiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNiwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM0ZVT1lzei5mNWIxNWRkMDU5MjNiOTMxODMzYWY4ZGI5NTc1YjM0ODE2YTAzMzhkNDVlMDg4OGJhZDQyNjc1MTAxN2UwODdmIiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX1JxajJzZDRIUURoTXd1dGhHMXZsIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjYsInN1YiI6InVfZ3ZpSW9xQWV3bmh5In0.G5LE4ptzKy86RLFb-W-RRVlPFu4NdKK_0Aqt1zTO5nU
content-length
8317
x-spotim-token
01211113FUOYsz.f5b15dd05923b931833af8db9575b34816a0338d45e0888bad426751017e087f
x-request-id
f20377bc-447d-11ec-8d85-2238a828ac44
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-networkid
net_newsweek
x-spotim-device-v2
d_Rqj2sd4HQDhMwuthG1vl
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
player.js
player.aniview.com/script/6.1/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
2e6de84703323876264451abd8cc5efb3c186692e6ca8d0064b49cd1e4943360

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdup4ZbY1klQ0TciLUeSGcoDpP892k6sRVlRBbljWVFfK_QcxS5UmtNf36fVcJEHq4WVO5n1fibIl7L6IXMuXBk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9374
last-modified
Sun, 07 Nov 2021 12:59:43 GMT
server
UploadServer
etag
"4b0705df26ebc47142397a4543bd47ca"
vary
Accept-Encoding
x-goog-hash
crc32c=pKxqUg==, md5=SwcF3ybrxHFCOXpFQ71Hyg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289983403300
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9374
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:46 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=61828478d7375b75c9123cf8&e=playerLoaded&cb=1636806825815&r=https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_fed-utils_-018d5b.js
static-cdn.spot.im/production/spotlight/tags/v2.0.10/ 		246 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/spotlight/tags/v2.0.10/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_fed-utils_-018d5b.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
3e239468b064b2f80965cf9fb04ebfad8c892c9b559a86f9da1723b705ef1b8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
66184
expires
Mon, 14 Nov 2022 12:33:46 GMT
spotlight-boot.js
static-cdn.spot.im/production/spotlight/tags/v2.0.10/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/spotlight/tags/v2.0.10/spotlight-boot.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
2999d371b9a26f0b9586afa9b7f01395b6bfc8264da8bee02b8e001b33b806e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5740
expires
Mon, 14 Nov 2022 12:33:46 GMT
0.js
static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/analytics-pusher/tags/v1.2.1/0.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
b47e5237075b356e0f05ca40422cb2a28ddcc3a57e831c816b159f53f31d8d1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
2594
expires
Mon, 14 Nov 2022 12:33:46 GMT
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		38 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/styles-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
e06fc339d38567b64374e674ffc323b3716ed66dbc81388608f36fffe3e6fb3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5667
expires
Mon, 14 Nov 2022 12:33:46 GMT
vendors-node_modules_spotim_content-entities_dist_index_js-node_modules_spotim_react-tracking-729c31-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		290 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/vendors-node_modules_spotim_content-entities_dist_index_js-node_modules_spotim_react-tracking-729c31-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
42601741abf2ab05ec7cfff4ea5e183479d689e7f611dcc4c7f2a625cf7d8ff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
71176
expires
Mon, 14 Nov 2022 12:33:46 GMT
vendors-node_modules_spotim_message_dist_index_js-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/vendors-node_modules_spotim_message_dist_index_js-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
4b988e62ec61489c76175d29a0349c313bd374cb5a9020e892db92c5964549f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
19806
expires
Mon, 14 Nov 2022 12:33:46 GMT
app_conversation_components_Main_tsx-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/app_conversation_components_Main_tsx-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
8ba249758db15548c8cd6bc042aff04deaefda56e7feab1781c3dcfcd2258e03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
33102
expires
Mon, 14 Nov 2022 12:33:46 GMT
preRender-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/preRender-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
5155b7bbe62d813abcdb182e907ea44f88451b8539fdc934e25365aaf3e7f536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3527
expires
Mon, 14 Nov 2022 12:33:46 GMT
boot-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/boot-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
8605c3013493000cbca3c3826e22da03c8c1c64a5380bfa6682b3a41dc099b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
10552
expires
Mon, 14 Nov 2022 12:33:46 GMT
styles.css
static-cdn.spot.im/production/spotlight/tags/v2.0.10/ 		78 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/spotlight/tags/v2.0.10/styles.css
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
ed0644373b45c3887aac91458f0eb0ce20ecf6af81415572406e3e62583b80f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
7821
expires
Mon, 14 Nov 2022 12:33:46 GMT
styles.css
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		843 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/styles.css
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
674a4590b8869ced7d06de23dd01dccd5d5bd62eff778c25f9b9a4fafad579a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
45748
expires
Mon, 14 Nov 2022 12:33:46 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6016e744dd1cb968d906f916&e=playerLoaded&cb=1636806825964&r=https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
manager-logo.png
gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/ Frame 5AC5 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/manager-logo.png?time=1597988436991
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4200:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Nov 2021 17:12:13 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Fri, 21 Aug 2020 05:40:36 GMT
server
AmazonS3
age
69694
etag
"c0ece874cb8828b768781f22c83538d0"
x-cache
Hit from cloudfront
x-amz-version-id
2ie1Ur9NR5wMAjHZDgsckdhCF6rAqE5F
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/png
content-length
7360
x-amz-cf-id
n4euzeG3vnoZKYF2JYkeCXEOhkfozL1Vfa892H5GvYiG8_SPDeKUcg==
Tweet.html
platform.twitter.com/embed/ Frame 0F9D 		487 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
32
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Nov 2021 12:33:46 GMT
Etag
"0d775af1199c0cba0c3ebd7b7695a614"
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		441 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/bloodyMary.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
wEbywDrZJOp4fy384WTclxyqa4C4YBTp
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
etag
"e2760515a843a0256b4b810489b5426b"
age
243361
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
content-length
441
last-modified
Wed, 03 Nov 2021 16:57:27 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
IGj0WED6S8HAr4s-vXAwR7Tb1LluU1FltSh2KM2TTPAqjwckQe43cQ==
open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
dYVjWSXWVB91MGwoVIK5bbP5cvOhHZUr
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
etag
"b596676fc00af9806c16a12e9a0350f8"
age
243361
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
content-length
15112
last-modified
Wed, 03 Nov 2021 16:57:17 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
9vcginyglPdBGOQJG2yZlF7Iz0D1YxeXL9suU7BSyhX6qfZyW16XKA==
open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 5AC5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
pqIsD.3L24wRdgGZpn8zZtCZlG1O6rxZ
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
etag
"4334c2753ff9f057d9de926e66882c9e"
age
243361
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
d39f5f9e9076ee191ac82f9b75f694bc
content-length
14956
last-modified
Wed, 03 Nov 2021 16:57:13 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 16:57:46 GMT
access-control-allow-methods
GET
x-amz-meta-codebuild-content-sha256
9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
2gV8WVxiUVnrtoYDCBkuJdPBNvPjLN-LsZ0mTA1gTIGbFoUfYCfEdg==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame D230 		218 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a6a7f8f7f3378698e33d49b1204c360f32644c8f9ecb0e554845dd1c0c2f18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:25:13 GMT
content-encoding
br
last-modified
Sat, 13 Nov 2021 11:37:19 GMT
server
AmazonS3
age
514
etag
W/"e9f3731c5ef7b125e2bd06c8bf2e68e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
VSjgsFzk5pM16HUCZihaQym99_mpKCS6
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
u1Nto2obsoDloXyIi-aj6Qk9tmYHBqcNnTgW97p_Zf0gZSRlTsxaSg==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 6FC1 		218 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a6a7f8f7f3378698e33d49b1204c360f32644c8f9ecb0e554845dd1c0c2f18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:25:13 GMT
content-encoding
br
last-modified
Sat, 13 Nov 2021 11:37:19 GMT
server
AmazonS3
age
514
etag
W/"e9f3731c5ef7b125e2bd06c8bf2e68e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
VSjgsFzk5pM16HUCZihaQym99_mpKCS6
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
MiwmWi3DUlTxgQy_ebhn2LbVIteJ4RP_JV_AMFllLTrJYu2u8WCPXQ==
css2
fonts.googleapis.com/ Frame 5D59 		2 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 11:18:37 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:46 GMT
collect
depart.trinitymedia.ai/api/ Frame 5D59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame 5D59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
sync.html
s.adtelligent.com/ Frame 014E 		1 KB
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:476:0:ec4:7aff:fe7e:de5e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
634
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
sync.html
s.adtelligent.com/ Frame 4A0C 		1 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=654586
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:476:0:ec4:7aff:fe7e:de5e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
934f132ea4578f772694fb00a088656a0d8f4e7a0bf7333a38459a1e35a90b89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
626
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
hb.spotim.market/geo/ Frame D230 		0
0
tracking
hb.spotim.market/adunit/ Frame D230 		0
0
j.html
p.safeservingcdn.com/prebidlink/18944/ Frame 793F 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/18944/j.html?i=11598
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Sat, 13 Nov 2021 13:33:46 GMT
access-control-allow-origin
*
sync.html
s.adtelligent.com/ Frame CCDD 		1 KB
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:476:0:ec4:7aff:fe7e:de5e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
634
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
sync.html
s.adtelligent.com/ Frame 4AC5 		1 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=654586
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:476:0:ec4:7aff:fe7e:de5e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
934f132ea4578f772694fb00a088656a0d8f4e7a0bf7333a38459a1e35a90b89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
626
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
hb.spotim.market/geo/ Frame 6FC1 		0
0
tracking
hb.spotim.market/adunit/ Frame 6FC1 		0
0
j.html
p.getadcdn.com/prebidlink/18944/ Frame DCDA 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.getadcdn.com/prebidlink/18944/j.html?i=11601
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Sat, 13 Nov 2021 13:33:46 GMT
access-control-allow-origin
*
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:46 GMT
content-length
0
embed.runtime.5b28e1eb2ce7e3cfb96b.js
platform.twitter.com/embed/ Frame 0F9D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/669E)
Age
305868
Etag
"476ababff9c8feb955f7f5de12354111+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3522
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame 0F9D 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67E0)
Age
305868
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame 0F9D 		146 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:46 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6738)
Age
305869
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.49c57014066d30bb9bc6.js
platform.twitter.com/embed/ Frame 0F9D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.49c57014066d30bb9bc6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/668D)
Age
305869
Etag
"86e18509fea9178472462b9eb6b8ff68+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5739
config.json
player.adtelligent.com/exchange_rates/279896/ Frame D230 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.newsweek.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/454668/hb_270443_4020.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94836ee52d2c5c54de49ccb8cc02c9d9c86d9b1a3e59689b2a61ed925f8131ea

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 12:01:07 GMT
server
nginx/1.18.0
etag
W/"618fa903-830"
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
expires
Sat, 13 Nov 2021 13:33:46 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 6FC1 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.newsweek.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/454668/hb_270443_4020.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94836ee52d2c5c54de49ccb8cc02c9d9c86d9b1a3e59689b2a61ed925f8131ea

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 12:01:07 GMT
server
nginx/1.18.0
etag
W/"618fa903-830"
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
expires
Sat, 13 Nov 2021 13:33:46 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
AVmanager.js
player.aniview.com/script/6.1/ Frame 5141 		363 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtCAP1TXfOAVNjclmKRl8ICUVOJUjUVt8gjsxIZVE4rvmOl0bl-gGB4quL84qp_jQiw-fKOQUKTrKs6FwlQuQvXgfdwSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103927
last-modified
Sun, 07 Nov 2021 12:58:51 GMT
server
UploadServer
etag
"ead6fc13b8318d0aa9c7318a2a0e7611"
vary
Accept-Encoding
x-goog-hash
crc32c=HbphvQ==, md5=6tb8E7gxjQqpxzGKKg52EQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289931652949
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103927
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:46 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 40C7 		363 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtCAP1TXfOAVNjclmKRl8ICUVOJUjUVt8gjsxIZVE4rvmOl0bl-gGB4quL84qp_jQiw-fKOQUKTrKs6FwlQuQvXgfdwSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103927
last-modified
Sun, 07 Nov 2021 12:58:51 GMT
server
UploadServer
etag
"ead6fc13b8318d0aa9c7318a2a0e7611"
vary
Accept-Encoding
x-goog-hash
crc32c=HbphvQ==, md5=6tb8E7gxjQqpxzGKKg52EQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289931652949
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103927
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:46 GMT
conversation_header
api-2-0.spot.im/v1.0.0/widget/spot/sp_vNTS7w0J/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/widget/spot/sp_vNTS7w0J/conversation_header
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:46 GMT
src_components_Title_index_tsx.js
static-cdn.spot.im/production/spotlight/tags/v2.0.10/ 		386 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/spotlight/tags/v2.0.10/src_components_Title_index_tsx.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
325c12c0b93d44d2d741a4f516f478e8160151c3d5adcdf6fdd9af7d594f1ca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
236
expires
Mon, 14 Nov 2022 12:33:46 GMT
conversation_header
api-2-0.spot.im/v1.0.0/widget/spot/sp_vNTS7w0J/ 		81 B
805 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/widget/spot/sp_vNTS7w0J/conversation_header
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
f824a26c7f61a78c7a831152c65e7e3f84805603113dfc5c6b5ab60c19c18c76

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
default
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_Rqj2sd4HQDhMwuthG1vl
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
Application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
81
x-request-id
f26bc755-447d-11ec-b31f-d25313f03cd6
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:46 GMT
content-length
0
pbm_307825_11598.js
p.safeservingcdn.com/prebidlink/18944/ Frame 793F 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/18944/pbm_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/18944/j.html?i=11598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ca45975608533f61111071d56e2e6b1ca951a252d12307f78af38886a7c4220

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/prebidlink/18944/j.html?i=11598
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 15:07:43 GMT
server
nginx
etag
W/"618e833f-6e7c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sat, 13 Nov 2021 13:33:46 GMT
pbm_307825_11601.js
p.getadcdn.com/prebidlink/18944/ Frame DCDA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.getadcdn.com/prebidlink/18944/pbm_307825_11601.js
Requested by
Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/18944/j.html?i=11601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4b39ca5355ac1188ff4b7173a58a6698db34cb297a79f8f3404ede010c58d3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.getadcdn.com/prebidlink/18944/j.html?i=11601
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:46 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 15:07:43 GMT
server
nginx
etag
W/"618e833f-6e76"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sat, 13 Nov 2021 13:33:46 GMT
collect
depart.trinitymedia.ai/api/ Frame 5D59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.79.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-79-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.newsweek.com&sn=&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&ic=0&tgt=0&app=&wi=310&he=253&test=&d36=6.1.2.85&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=6016e744dd1cb968d906f916&stagid=&stplid=&e=inventory&vi=0&cb=1636806826568
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.newsweek.com&sn=&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.1.2.85&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=61828478d7375b75c9123cf8&stagid=&stplid=&e=inventory&vi=0&cb=1636806826596
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame 0F9D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6725)
Age
305870
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
platform.twitter.com/embed/ Frame 0F9D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
305868
Etag
"9f3c8a5e2dd560ec891c95f951f5617c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1766
/
go1.aniview.com/api/adserver/tag/ 		72 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=1636806826683
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.44.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-44-20.compute-1.amazonaws.com
Software
/
Resource Hash
7d58d26c2f2e3df3af60c9f42d614d56cce81b84e956347a167242dbf645edf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:07 GMT
/
go1.aniview.com/api/adserver/tag/ 		74 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1636806826757
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.44.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-44-20.compute-1.amazonaws.com
Software
/
Resource Hash
a357a10d4e6778d96c6b21831b6a7b7340234fe074f43a1ed4c1419983f0a825

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:07 GMT
pixels
pix.spot.im/api/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vNTS7w0J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
c923bebc2c4f932a1f26f7d1bfa199c71b4c463401139e8d413bd8960665c9ea

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_Rqj2sd4HQDhMwuthG1vl
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
x-spotim-networkid
net_newsweek
content-length
59
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f29623b3-447d-11ec-a1d9-e25e2456efa1
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:47 GMT
tracking
ghb.adtelligent.com/adunit/ Frame 793F 		43 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwww.newsweek.com&adid=1692c13c56b2b&vpbv=M055&client_id=307825&site_id=11598&lifecycle_tte=507
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/18944/pbm_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Sat, 13 Nov 2021 12:33:47 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
ghb.adtelligent.com/geo/ Frame 793F 		133 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/18944/pbm_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
de8136fc9494cfa72d1b998dc1b50384d8544609650b479734b26f9beafbaaed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Sat, 13 Nov 2021 12:33:47 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
133
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ Frame DCDA 		43 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwww.newsweek.com&adid=1c63b747d29624&vpbv=M055&client_id=307825&site_id=11601&lifecycle_tte=503
Requested by
Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/18944/pbm_307825_11601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.getadcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.getadcdn.com
Date
Sat, 13 Nov 2021 12:33:47 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
ghb.adtelligent.com/geo/ Frame DCDA 		133 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.getadcdn.com
URL: https://p.getadcdn.com/prebidlink/18944/pbm_307825_11601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.58.175.20 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
de8136fc9494cfa72d1b998dc1b50384d8544609650b479734b26f9beafbaaed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.getadcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.getadcdn.com
Date
Sat, 13 Nov 2021 12:33:47 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
133
Content-Type
application/json
read
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:47 GMT
async
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:47 GMT
read
api-2-0.spot.im/v1.0.0/conversation/ 		731 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
16ca60073befb1da5df5c00892f6d2f68dad90be6738036064559dc51bce01c3

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_Rqj2sd4HQDhMwuthG1vl
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
access-control-max-age
86400
x-spotim-networkid
net_newsweek
content-length
387
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f2abdc68-447d-11ec-a1d9-e25e2456efa1
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
async
api-2-0.spot.im/v1.0.0/conversation/ 		3 B
853 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_Rqj2sd4HQDhMwuthG1vl
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-spotim-networkid
net_newsweek
content-length
3
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f2ad88e4-447d-11ec-a49b-3e58455a41ea
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
css
fonts.googleapis.com/ 		8 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&display=swap
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3608c1e25f786e7fa295bde2152b045f2d08ae42ae1499b5a3f1e9839c0381d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:22:36 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:47 GMT
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		691 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/ad-container-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
abc6afbabc154a546a8e41368dcc5d9cc0047f7349218961be8204ab23a1a874

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
401
expires
Mon, 14 Nov 2022 12:33:47 GMT
openweb-symbol.svg
static-cdn.spot.im/production/icons/custom/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol.svg
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a79015554b61637f26c57bf9d96b036476986c06e4ea69722bbfc1abdb9ea63f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
I5JtxjcAuaO736rVDDLy._kp7fsVzofW
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 09:10:44 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
2358
x-amz-cf-id
BLONT5m2OpZHyJHzgYAbzUl5Lw3WN-O3uOCW29IArpJClWenfZjtjQ==
expires
Mon, 14 Nov 2022 12:33:47 GMT
openweb-text.svg
static-cdn.spot.im/production/icons/custom/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text.svg
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68fb30cc89ecba117cf0a8c36d1715f779236fb616d5e2f6a8c6eaa1ee6cf3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.xgSzMEc_tYaHlmH7BsrVn9Z_oGdBh1t
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 08:50:43 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
1804
x-amz-cf-id
xcVO1ig4Hgd3tw7Uahi69otjlZR00T_UMaD0kRQawN10v6XpXbi6fg==
expires
Mon, 14 Nov 2022 12:33:47 GMT
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0
register2.php
synchrobox.adswizz.com/ Frame 5D59 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.238.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-238-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d30195845ddfb57ef40a6030a04efbb6dce498de3f5b3edd55d6954ddb90a920

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
content-type
text/javascript
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
idsync.js
playerservices.live.streamtheworld.com/api/ Frame 5D59
Redirect Chain
  • https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423
  • https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423&bounce=true
905 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423&bounce=true
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Server
208.92.55.233 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
8094694b3b51e98a5e38b919288c8952a4bdfff35966b53b9c5c3a37ee98dbef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
x-stw-ps
ash-strc-docker02_8082
x-stw-site
ASH
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-language
de-DE
access-control-allow-origin
*
connection
close
content-type
application/javascript; charset=ISO-8859-1

Redirect headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-stw-ps
ash-strc-docker03_8082
x-stw-site
ASH
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423&bounce=true
content-language
de-DE
access-control-allow-origin
*
connection
close
content-type
application/javascript; charset=ISO-8859-1
1ea6524534b11ab8606d90b67ed68819
images.spot.im/q_70,dpr_3,f_png,fl_lossy,fl_png8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.spot.im/q_70,dpr_3,f_png,fl_lossy,fl_png8/1ea6524534b11ab8606d90b67ed68819
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Cloudinary /
Resource Hash
d0b91cfabaf7ba140533e3b22fd06288a149501e26daa1a4811ebf0c4874c984
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
x-content-type-options
nosniff
server-timing
akam;dur=262;cpu=45;start=2021-08-03T06:49:37.144Z;desc=miss,rtt;dur=0,cloudinary;dur=214;start=2021-08-03T06:49:37.184Z,cld-id;desc=a3292d299d74c993c76d39d1dde0bbbb
content-length
3501
etag
"5b4219014833f07eeac14e081511e390"
x-request-id
a3292d299d74c993c76d39d1dde0bbbb
last-modified
Tue, 03 Aug 2021 06:49:38 GMT
server
Cloudinary
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Nov 2022 12:33:47 GMT
csync
sync.adtelligent.com/ Frame CCDD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
0
0
csync
sync.adtelligent.com/ Frame 014E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
0
0
cookiesyncredir
bttrack.com/pixel/ Frame 4A0C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D450189%26extuid%3D%7Bglobalid%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=654586
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:45 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
cookiesyncredir
bttrack.com/pixel/ Frame 4AC5 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D450189%26extuid%3D%7Bglobalid%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=654586
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:45 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
comment.svg
static-cdn.spot.im/production/icons/font-awesome/v5.15.2/regular/ 		655 B
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/font-awesome/v5.15.2/regular/comment.svg
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b47d953a354f4b5c05ba19a91bd4b631aa6c5f530cab2e6807070ab67d189ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
CdJVF6SeF2iQoS8509zoHBn9CydXrgAG
content-encoding
gzip
etag
"bd0860b936455b53618fc3754da6bb59"
x-amz-cf-pop
JFK51-C1
content-length
411
last-modified
Sun, 21 Feb 2021 12:50:52 GMT
server
AmazonS3
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
T4CXcgmHw_0sktDcwWfGaUuxaSXThBi7R1KdOJHNXdWlsrW1yFdPIA==
expires
Mon, 14 Nov 2022 12:33:47 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame 0F9D 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67A8)
Age
305870
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame 0F9D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6711)
Age
305870
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.491eda648dcd5ba41f52.js
platform.twitter.com/embed/ Frame 0F9D 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.491eda648dcd5ba41f52.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1459450061696417792&lang=en&origin=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=71fd4c6b77750f298d6b95fc04821f1ceccaa2e0&siteScreenName=newsweek&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
305870
Etag
"a7263afbfe059e9c928fa468a7e9ab79+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15943
tweet
cdn.syndication.twimg.com/ Frame 0F9D 		777 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1459450061696417792&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3C) / Express
Resource Hash
f95c199571050efd8f5e76fbe151a162750f1550c4e4753097e9bc8dc45fa9d8
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"309-giBasJdz/d8p3izqgfsRtyRrSHg"
age
29
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
508
x-xss-protection
0
x-response-time
140
last-modified
Sat, 13 Nov 2021 12:33:18 GMT
server
ECS (lcy/1D3C)
x-frame-options
SAMEORIGIN
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
f617f946385896cbbb941704ea1ee0ba789f2fccba7914d283cec953e6f8902c
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
SynchroClient2.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 5D59 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211111_d96f0eed84759cbdd8529e33c898a8bf0d5003f2/trinity-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-129.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 07:35:57 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
age
17871
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9187
x-amz-cf-id
z3pSVrARKoiV6q-nkVI2HnkUh_2lIrrPnB2in2EHQTB4Xcxdz_EMXQ==
vendors-node_modules_spotim_draft-message-utils_dist_draft-message-utils_draft-message-utils_-165854-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/vendors-node_modules_spotim_draft-message-utils_dist_draft-message-utils_draft-message-utils_-165854-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
ec7b0920edd587ab28f87f8dd09eb315b23c6253922f8a88f01811e09fc4cf45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5342
expires
Mon, 14 Nov 2022 12:33:47 GMT
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.44.14/ 		143 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.44.14/conversation-component-bundle.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
f8a4185d9d4367b48bb922a20cd461d72aeb180bdc5a1faf8cc3048f5b38e1cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
br
server
fasthttp
x-cache-status
Bypass
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
34973
expires
Mon, 14 Nov 2022 12:33:47 GMT
jot
syndication.twitter.com/i/ Frame 0F9D 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636806827240%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22newsweek%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221459450061696417792%22%5D%2C%22item_details%22%3A%7B%221459450061696417792%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Sat, 13 Nov 2021 12:33:47 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
329188783e22c2b82dcada5456612a863acdbb9a4db7107549d632158d0dbc18
x-transaction
553e7550250ba687
expires
Tue, 31 Mar 1981 05:00:00 GMT
sp_vNTS7w0J_article-1648966
api-2-0.spot.im/v1.0.0/conversation/featured-message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/featured-message/sp_vNTS7w0J_article-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:47 GMT
metric
metrics-logger.spot.im/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.223.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-223-65.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0
sp_vNTS7w0J_article-1648966
api-2-0.spot.im/v1.0.0/conversation/featured-message/ 		51 B
902 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/featured-message/sp_vNTS7w0J_article-1648966
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
4c4d99f60e72cfe57207498be562bb5f7d086f9d7f21a889bc954b120c67bfe5

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-spotim-networkid
net_newsweek
content-length
51
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f2e21e8a-447d-11ec-b768-16b8ac29bd25
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
bottle.svg
static-cdn.spot.im/production/avatars/colorful/ 		1 KB
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/avatars/colorful/bottle.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1102c1d55879469a1f0ca47d2626beaf313e2df7e39523f0ad688956fc1b5cae

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
TAEJ_xca2YBzV37SaFY_.AiBxeQsE12k
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 10:48:47 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
etag
W/"ac257ab0c752bb3234a002c2525b1b08"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
629
x-amz-cf-id
mXF4rkFHNQk0Jcj6tNik-E3XbFUCOT30sNEXoDcQfjz_mWbeYTLIJg==
expires
Mon, 14 Nov 2022 12:33:47 GMT
usermatch
ssum.casalemedia.com/ Frame B89E
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5904016c445d3f031376908baac63628cf95eff16fc97768da303004d5e59774

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|88|64|40|90
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1790
Expires
Sat, 13 Nov 2021 12:33:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:47 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 13 Nov 2021 12:33:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:47 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 8004
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Nov 2021 12:33:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Sat, 13 Nov 2021 12:33:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
cookiesyncendpoint
sync.aniview.com/ Frame 41E6
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=55&key=7652432736333484131
0
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=55&key=7652432736333484131
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.48.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-48-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0

Redirect headers

Server
nginx/1.17.9
Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=55&key=7652432736333484131
AN-X-Request-Uuid
a2ff1c9d-e7b2-425c-a27e-d8fc767fe0f9
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
cookiesyncendpoint
sync.aniview.com/ Frame 0040
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=2&key=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
0
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=2&key=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.48.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-48-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0

Redirect headers

Server
nginx
Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=2&key=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
X-fe
86
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cookiesyncendpoint
sync.aniview.com/ Frame 2523
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D72%26pid%3D5e0e...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.48.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-48-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
content-length
0
date
Sat, 13 Nov 2021 12:33:47 GMT
server
AC1.1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 774C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38075
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2BE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D1%26key%3D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38075
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:47 GMT
vary
Accept-Encoding
avpb3.js
player.aniview.com/script/6.1/ Frame 40C7 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdui2F1r9luddk0mO8dcvv9KTuzTh2O2S0gc2galdFJ5ngdLctFDw0fdPhUNbQsG-O9FLEiM0NuKXjMGFCTmNu4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99475
last-modified
Sun, 07 Nov 2021 12:57:43 GMT
server
UploadServer
etag
"e4f50e6002c3454b61c9472c8f4386b9"
vary
Accept-Encoding
x-goog-hash
crc32c=t1bvWQ==, md5=5PUOYALDRUthyUcsj0OGuQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289863354883
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99475
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:47 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806827303&tgt=0&&AV_VI=0&AV_VID=2535.578125&d4=1&d5=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:08 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=82672&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827034-953941052763-008499-003-008044&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97768579429&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&d9=1000&d37=realtime1&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61828478d7375b75c9123cf8&e=request&cb=1636806827310&asid=613f2594ce69844cf5275d9c%2C611b4d25ee6aae31897baf0e%2C613f2554f291157aa138fd97%2C613a1d4fb4ee2c04f00b2931%2C614337a85c49df000b43be8e%2C60ec36ec2d3e404656368d06%2C618aa9db616f0c3bad36ea78%2C60f816171c4ad7633f77c84a%2C61548a37a446325e147847e5%2C614337343965e665fb4b2067%2C61309c449070072bf8053a8f%2C610a78a0f82fe519c712a5c5%2C614ca74a3f22850e2c64516b%2C60fe8e778b51f207f669ae25&ofpr=2.7%2C2.05%2C1.89%2C%2C4.02%2C7.445%2C5%2C5.5%2C7.198%2C2.36%2C8.8%2C2.56%2C2.75%2C2.64&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avpb3.js
player.aniview.com/script/6.1/ Frame 5141 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdui2F1r9luddk0mO8dcvv9KTuzTh2O2S0gc2galdFJ5ngdLctFDw0fdPhUNbQsG-O9FLEiM0NuKXjMGFCTmNu4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99475
last-modified
Sun, 07 Nov 2021 12:57:43 GMT
server
UploadServer
etag
"e4f50e6002c3454b61c9472c8f4386b9"
vary
Accept-Encoding
x-goog-hash
crc32c=t1bvWQ==, md5=5PUOYALDRUthyUcsj0OGuQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289863354883
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99475
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:47 GMT
avpb3a1.js
player.aniview.com/script/6.1/ Frame 5141 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3a1.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9e55c77140a9e6f5e45ef8424133dc9c61876b48f9d9add51c00b5181a125cc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvW7LNolUDenupK_B4AcCIS-W5yr-czHiTphNzoRua68rwDxn-KnpUAFObDL8PVrW5qfbS8nL3ljy5RAwCvHrGax8c8QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
19997
last-modified
Sun, 07 Nov 2021 12:58:15 GMT
server
UploadServer
etag
"ea552874030ddc0471e3aba9b3683a10"
vary
Accept-Encoding
x-goog-hash
crc32c=ZYCM8w==, md5=6lUodAMN3ARx46ups2g6EA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289895521103
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19997
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 12:38:47 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806827327&tgt=0&&AV_VI=73&AV_VID=0&d4=1&d5=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:08 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631526&adId=2449018&vadFmt=2&vminl=1&vmaxl=60&vh=253&vw=310&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_vNTS7w0J,1,,,&kadpageurl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cbb=6806827327
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.newsweek.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806827330&asid=60d333bf66c1b52db544a767%2C613f2594ce69844cf5275d9c%2C611b4d25ee6aae31897baf0e%2C61113df07fc6a449737e6160%2C618aa9db616f0c3bad36ea78%2C61113d220281b5606b69210b%2C613f3a604851872cdd37e8ae%2C614337a85c49df000b43be8e%2C60feac4ce03fa73380094e24%2C60dc8ad42831ec3b487f5635%2C613a1d4fb4ee2c04f00b2931%2C614c4a387c7c2f0b100ab1b1%2C6167f722f4f5be3f3b74f7ac%2C6107bceb2b418141471b5ad4&ofpr=%2C2.7%2C2.05%2C%2C5%2C%2C4.6%2C4.02%2C5.5%2C5.5%2C%2C3.26%2C3.56%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
GEQ-rZKz_normal.png
pbs.twimg.com/profile_images/1107613521523761153/ Frame 0F9D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1107613521523761153/GEQ-rZKz_normal.png
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
32bd128f9959f9814ed0ffde4a48e3f72d552efa0619675d3c26fa8d8625d30b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-content-type-options
nosniff
age
416490
x-cache
HIT
content-length
3175
x-response-time
118
surrogate-key
profile_images profile_images/bucket/6 profile_images/1107613521523761153
last-modified
Mon, 18 Mar 2019 12:01:36 GMT
server
ECS (frb/6724)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2b128bc6e75a9c882fa4a8e0a79fd6b6e1cc53a47f9d7126b99df228fb05ed6d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame FAE7 		402 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: delivery-cdn-cf.adswizz.com
URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.112.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-112-127.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=UTF-8
Date
Sat, 13 Nov 2021 12:33:47 GMT
Instance-id
i-0d4d197ca70d7a9f8
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
Server
Apache-Coyote/1.1
X-Adswizz-request-id
f2f5ab70-447d-11ec-8f04-023669112947
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
Content-Length
402
Connection
keep-alive
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2218e75942dc8239%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223005bee697ac6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
059ea9b739e16391a95f05e514efef0402980411e86d4ab735f26552773ba4aa

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:47 GMT
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223bff2ba03059ff%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2246b9001c8ce85f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.89%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75ca257d1c507b5f0f5648b26c6087ba0e2b20574c690c0b3797587729447e41

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:47 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
X-SpotX-Timing-Transform
0.000867
X-SpotX-Timing-SpotMarket
0.004853
X-SpotX-Timing-Page-Mux
0.001025
X-SpotX-Timing-Page-Require
0.000346
X-fe
136
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.010229
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Sat, 13 Nov 2021 12:33:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004853
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002824
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22759d858fbc1592%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282da8a1c591b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e81d765fd9d13b7e471dd6c2fab410a3d2e375906cb2b23940b26fe5336640bc

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:47 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5b62369c-842b-4f83-a295-30ab39597fe2&nocache=1636806827452&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=550964004&vwd=400&vht=300&aumfs=5000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
X-SpotX-Timing-Transform
0.000406
X-SpotX-Timing-SpotMarket
0.006318
X-SpotX-Timing-Page-Mux
0.002031
X-SpotX-Timing-Page-Require
0.000647
X-fe
074
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000034
X-SpotX-Timing-Page
0.018569
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.001666
Last-Modified
Sat, 13 Nov 2021 12:33:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006318
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.007447
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221781434df15dff7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218834682133cd25%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
deeb560572ebd9bba091a7b32f4045935e7c1fb483c1c5741a2e9393dc9d70a0

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:47 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
X-SpotX-Timing-Transform
0.000927
X-SpotX-Timing-SpotMarket
0.005354
X-SpotX-Timing-Page-Mux
0.000945
X-SpotX-Timing-Page-Require
0.000369
X-fe
125
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.011755
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000468
Last-Modified
Sat, 13 Nov 2021 12:33:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005354
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003661
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222343ee3298f95f1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2224ff5eebbf70647%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cbd7d2963b7d091247c61dfa94f627713cbad438d0f017f25ebd1c173d0c7d1e

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
X-SpotX-Timing-Transform
0.000402
X-SpotX-Timing-SpotMarket
0.006953
X-SpotX-Timing-Page-Mux
0.000975
X-SpotX-Timing-Page-Require
0.000449
X-fe
011
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.016170
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.001791
Last-Modified
Sat, 13 Nov 2021 12:33:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006953
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.005569
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B89E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
457DAN9T6FGX2J4NW624
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S3DB2J7A6XHXXF7FG7PW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B89E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B89E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY.wqxjwO3d87n6xxUDOxAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGpxxnf19RKxZi2WNy82lYM&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGpxxnf19RKxZi2WNy82lYM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 12:33:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGpxxnf19RKxZi2WNy82lYM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B89E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY-wqxjwO3d87n6xxUDOxAAABJUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPPzA50Xg8d6VRCS12yIi3I&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPPzA50Xg8d6VRCS12yIi3I&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 13 Nov 2021 12:33:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPPzA50Xg8d6VRCS12yIi3I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame B89E 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636806828.938624,VS0,VE89
x-served-by
cache-fra19147-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame B89E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639398827
43 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639398827
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 12:33:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639398827
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
no_match_opted_out
um.simpli.fi/ Frame B89E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:47 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sat, 13 Nov 2021 12:33:47 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 12 Nov 2021 12:33:47 GMT
cookiesyncendpoint
sync.aniview.com/ Frame B89E 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636806827034-953941052763-008499-003-008044&biddername=42&key=YY.wqxjwO3d87n6xxUDOxAAA%261173
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.48.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-48-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8004 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
99f1737b5914cb07c544213ac0e8ffd654bb155bf68d08a7de2d8cf5f75af7c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33455
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Sat, 13 Nov 2021 21:51:22 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame CABE
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636806827034-953941052763-008499-003-008044%26biddername%3D42%26key%3D&s=190025&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-237-203.compute-1.amazonaws.com
Software
/
Resource Hash
f299cc209b42386e835e582ab9df70812b17ca95bf1c403d955f612f4040d448

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 13 Nov 2021 12:33:48 GMT
pragma
no-cache

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
SPug
simage4.pubmatic.com/AdServer/ Frame 610A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2216e4fce17f01b1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221ce2e34707fce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.26%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
963d91c9c0ec60abf54cf2933043d49778185495c96a4fd5994d01a2e1395def

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		212 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
57efbb0de169a960d70a6348eaa28d134ffbe8aa5846c7b4879990406e953d60

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:47 GMT
X-SpotX-Timing-Transform
0.000346
X-SpotX-Timing-SpotMarket
0.003748
X-SpotX-Timing-Page-Mux
0.001011
X-SpotX-Timing-Page-Require
0.000352
X-fe
138
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.009496
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000322
Last-Modified
Sat, 13 Nov 2021 12:33:47 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003748
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003685
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227724842ed60339%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286d07ccf5492d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff86910919f2816d04d7ae0cae0b28182b27974843c07650de4215edbb50e435

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
cygnus
htlb.casalemedia.com/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22927c05e711fbfa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22102ba48ec2c6725%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f756f9c70557d9d5b982f5e8dd3c154d4fff03346b5ef5a6546e151ff27a400

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=083d9575-bb5e-4c07-8a17-9e98ff80f558&nocache=1636806827555&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=550964004&vwd=310&vht=253&aumfs=5000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
av
spot-im-d.openx.net/v/1.0/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
location
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
spot-im-d.openx.net/v/1.0/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
48 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
location
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
spot-im-d.openx.net/v/1.0/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
location
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
spot-im-d.openx.net/v/1.0/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
location
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
spot-im-d.openx.net/v/1.0/
Redirect Chain
  • https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
  • https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
location
https://spot-im-d.openx.net/v/1.0/av?cc=1&auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:11:59 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:48 GMT
css
fonts.googleapis.com/ 		3 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:04:32 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:48 GMT
jot
syndication.twitter.com/i/ Frame 0F9D 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636806827614%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22newsweek%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221459450061696417792%22%5D%2C%22item_details%22%3A%7B%221459450061696417792%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Sat, 13 Nov 2021 12:33:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
329188783e22c2b82dcada5456612a863acdbb9a4db7107549d632158d0dbc18
x-transaction
f0908b2b50a86e80
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame 0F9D 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636806827622%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22seen%22%2C%22section%22%3A%22main%22%2C%22component%22%3A%22privacy-notice%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22newsweek%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221459450061696417792%22%5D%2C%22item_details%22%3A%7B%221459450061696417792%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Sat, 13 Nov 2021 12:33:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
329188783e22c2b82dcada5456612a863acdbb9a4db7107549d632158d0dbc18
x-transaction
da7598b43ff3ed38
expires
Tue, 31 Mar 1981 05:00:00 GMT
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		567 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
5dfeee7676263de8026ea0bb14db900bfac35d3bbd3be2f769241260b595c19c

Request headers

x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-post-id
article-1648966
Accept-Language
de-DE,de;q=0.9
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
Content-Type
application/json
Accept
application/json
x-spot-id
sp_vNTS7w0J
x-spotim-page-view-id
696641cb-0958-4cfe-9528-2bd52ced2345
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer
https://www.newsweek.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfeUl3cXp6S3FpU05FIiwiZGlzcGxheV9uYW1lIjoiUmVkQm90dGxlIiwidXNlcl9uYW1lIjoiUmVkQm90dGxlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI1JlZC1Cb3R0bGUiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJyZXB1dGF0aW9uIjp7fSwic3BvdF9pZCI6InNwX3ZOVFM3dzBKIiwibGFzdF9jaGVjayI6MTYzNjgwNjgyNSwidmVyc2lvbiI6MiwieC1zcG90aW0tdG9rZW4iOiIwMTIxMTExM1RXR1lXTi4xNjM3OGZhZGIxZjc2MTA5NzIxY2E2YjgyZGIyZWFhOGRhZGQ0NTEyYTE4ZmQ5NDkxYTZjZTIyOTgwZGZjNDE1IiwicGVybWlzc2lvbnMiOm51bGwsInNwb3RpbS1kZXZpY2UtdjIiOiJkX0pjWk4wanFNV0M1YmNqRFBKeTZOIiwibmV0d29yayI6eyJuZXR3b3JrX2lkIjoibmV0X25ld3N3ZWVrIiwibmV0d29ya19uYW1lIjoibmV3c3dlZWsiLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE2NjUyMjg4MjUsInN1YiI6InVfeUl3cXp6S3FpU05FIn0.-1qUwslaRYJBpcNCGwzuDxGuA-LeKC5UOOMVRL_qk2w

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
x-spotim-device-uuid
2667b1fa-2e18-42f9-a581-6d2747813a27
x-guid
2667b1fa-2e18-42f9-a581-6d2747813a27
server
fasthttp
x-spotim-networkid
net_newsweek
x-spotim-device-v2
d_JcZN0jqMWC5bcjDPJy6N
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
vary
Accept-Encoding
content-length
232
x-spotim-token
01211113TWGYWN.16378fadb1f76109721ca6b82db2eaa8dadd4512a18fd9491a6ce22980dfc415
x-request-id
f320274d-447d-11ec-9b26-ce5ccda00318
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Sat, 13 Nov 2021 12:33:48 GMT
jot
syndication.twitter.com/i/ Frame 0F9D 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636806827674%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22newsweek%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221459450061696417792%22%5D%2C%22item_details%22%3A%7B%221459450061696417792%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1537.3000030517578%7D
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Sat, 13 Nov 2021 12:33:48 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
329188783e22c2b82dcada5456612a863acdbb9a4db7107549d632158d0dbc18
x-transaction
7edf04a2335833d5
expires
Tue, 31 Mar 1981 05:00:00 GMT
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame FAE7 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-129.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 18:13:07 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
age
67575
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9211
x-amz-cf-id
q2D6brUErmG3bKzedrn_Tna5NvdB9WfKGz2ClxBc_9VJ47o0M9hHuA==
idsync.js
yield-op-idsync.live.streamtheworld.com/ Frame 5D59 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yield-op-idsync.live.streamtheworld.com/idsync.js?stn=T_I_M
Requested by
Host: playerservices.live.streamtheworld.com
URL: https://playerservices.live.streamtheworld.com/api/idsync.js?stationId=172423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
4e823ffccdf09dea9aa2abe62b166958c8b9ac16a593dc0c924c82400b5b2a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
2866
content-type
application/javascript; charset=UTF-8
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=163680682771875786430&uniqId=02d3d&childs=735285,735327,764712,1088890,865224,1174081&consentData=&gdprApplies=false&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&lu=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=618fb0ac-0bfef&pageView=1&pvid=17d194a1ec799065a78&site=412698&implVersion=10&dpr=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ad807d3d89742e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806827750&tgt=0&&AV_VI=73&AV_VID=0&d4=2&d5=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:08 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631526&adId=2449018&vadFmt=2&vminl=1&vmaxl=60&vh=253&vw=310&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_vNTS7w0J,1,,,&kadpageurl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cbb=6806827751
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.newsweek.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827751&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827751&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827752&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827752&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806827753&asid=60d333bf66c1b52db544a767%2C613f2594ce69844cf5275d9c%2C611b4d25ee6aae31897baf0e%2C6107bceb2b418141471b5ad4%2C613a1d4fb4ee2c04f00b2931%2C60feac4ce03fa73380094e24%2C6167f722f4f5be3f3b74f7ac%2C614337a85c49df000b43be8e%2C614c4a387c7c2f0b100ab1b1%2C61113df07fc6a449737e6160%2C618aa9db616f0c3bad36ea78%2C613f3a604851872cdd37e8ae%2C60dc8ad42831ec3b487f5635%2C61113d220281b5606b69210b&ofpr=%2C2.7%2C2.05%2C%2C%2C5.5%2C3.56%2C4.02%2C3.26%2C%2C5%2C4.6%2C5.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
8e9b56f27a9f53628247a4a86a74d9d6a087e6eead1480b556a5cd7517f42d61

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000337
X-SpotX-Timing-SpotMarket
0.004077
X-SpotX-Timing-Page-Mux
0.000948
X-SpotX-Timing-Page-Require
0.000407
X-fe
127
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.009688
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000315
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004077
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003571
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2225b7869a87fa71c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222614cbeab9d0318%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.26%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
987cc943a7fde397c9f07e3185118c77aca5d1837a57c1e6b17542a33cb2f974

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%222766c75b8b14f42%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222813260ac25505d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01bfbebcf7a916d8709096744dfd6c21d256f9d17f12ebca3cb172c669614b17

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2229dc133d53e4add%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223087742c9082f95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a0e98533e70960f740a5218c2e601aaa3ad0fa9f4238ef1f64f583727624677

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=84a0c475-e87e-48b0-b1d4-f04b5f96c85d&nocache=1636806827768&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=550964004&vwd=310&vht=253&aumfs=5000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame D673 		2 KB
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3404
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d4296f42e1-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame D673 		836 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d4296b42e1-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3404
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d4296e42e1-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d4296d42e1-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
1
servicer.mgid.com/734388/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/734388/1?pv=5&cbuster=1636806827832380683478&uniqId=02d3d&childs=735285,735327,764712,1088890,865224,1174081&consentData=&gdprApplies=false&niet=4g&nisd=false&jsv=es6&w=790&h=1517&p2_w=252&p2_h=187&maxw_2=252&maxh_2=187&cols=3&ref=&cxurl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&lu=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&sessionId=618fb0ac-0bfef&pageView=1&pvid=17d194a1ec799065a78&implVersion=10&dpr=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a676d8b55b92e6d83f4d333671c02e89b9558db94dd82a59187d05f5d1ed21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ad807d48a5042e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806827910&tgt=0&&AV_VI=0&AV_VID=3069.578125&d4=2&d5=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:08 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=82672&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827034-953941052763-008499-003-008044&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97768579429&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&d9=1000&d37=realtime1&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61828478d7375b75c9123cf8&e=request&cb=1636806827912&asid=613f2594ce69844cf5275d9c%2C611b4d25ee6aae31897baf0e%2C613f2554f291157aa138fd97%2C618aa9db616f0c3bad36ea78%2C60ec36ec2d3e404656368d06%2C614337a85c49df000b43be8e%2C614ca70120845e08015d7cfc%2C614c4a387c7c2f0b100ab1b1%2C61312cb99bd61a2e0c1d0f94%2C61312c6f520a741f1b4d5991%2C614b567f9101b84b0b7a8835%2C60f816171c4ad7633f77c84a%2C61548a37a446325e147847e5%2C60fe8e778b51f207f669ae25&ofpr=2.7%2C2.05%2C1.89%2C5%2C7.445%2C4.02%2C3.61%2C3.26%2C9.44%2C2.93%2C3.61%2C5.5%2C7.198%2C2.64&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000291
X-SpotX-Timing-SpotMarket
0.004805
X-SpotX-Timing-Page-Mux
0.000969
X-SpotX-Timing-Page-Require
0.000366
X-fe
032
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.009940
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000321
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004805
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003152
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000284
X-SpotX-Timing-SpotMarket
0.003673
X-SpotX-Timing-Page-Mux
0.000953
X-SpotX-Timing-Page-Require
0.000563
X-fe
098
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000018
X-SpotX-Timing-Page
0.008862
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000460
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003673
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002896
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22314f0b34a2ebd8f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232ff3190c30f8c1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
23bc2e4266f918f69d9626f506a2ce0fa33cc3b56bad3d74f6882500c31f8f56

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2233ce68b4fca4917%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223463df4ca50ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6bc1b2c36134d2a98237a5f4047459471de285d2a015bfc41cb418bc85d919ae

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000313
X-SpotX-Timing-SpotMarket
0.005386
X-SpotX-Timing-Page-Mux
0.002160
X-SpotX-Timing-Page-Require
0.000378
X-fe
062
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
X-SpotX-Timing-Page
0.011135
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000326
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005386
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002524
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000341
X-SpotX-Timing-SpotMarket
0.005295
X-SpotX-Timing-Page-Mux
0.000991
X-SpotX-Timing-Page-Require
0.000415
X-fe
093
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.009970
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000319
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005295
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002574
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223917a4552fc17ee%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240851ebf12cb574%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec81f7c2ee2dc189ce37face320d6d51c40b07327967ffa515e560fa91ccbffe

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000654
X-SpotX-Timing-SpotMarket
0.003993
X-SpotX-Timing-Page-Mux
0.000833
X-SpotX-Timing-Page-Require
0.000455
X-fe
112
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.009645
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000321
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003993
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003356
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=81ed71e5-0ef4-425b-bd45-39af30227478&nocache=1636806827926&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=550964004&vwd=400&vht=300&aumfs=5000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-SpotX-Timing-Transform
0.000508
X-SpotX-Timing-SpotMarket
0.006251
X-SpotX-Timing-Page-Mux
0.001157
X-SpotX-Timing-Page-Require
0.000441
X-fe
059
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000031
X-SpotX-Timing-Page
0.013906
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000393
Last-Modified
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006251
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.005102
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000023
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2249c3e4911c57bdc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2250b095d6b071395%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.89%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
363cf7df688ddbc910a6522f1b2071b36facef761aef0d583d23f29b8b9ba9b5

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2251351c888cdbed6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252d5431aa1940ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.26%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17cacfdab3acb52f70136941db9ed504dd974da5158b4363e3f8e1d69e97aaeb

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:48 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame D673 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3404
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d53df44345-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame D673 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d53df84345-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3404
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d54e2c4345-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ad807d54e2e4345-FRA
expires
Sun, 14 Nov 2021 12:33:48 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzg2MGQwMjk2ZWQxYWIzOTQyZmI2Yzc2Mzc2YTM5N2EzLmpwZWc.webp
s-img.mgid.com/g/3959823/680x385/66x0x821x547/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3959823/680x385/66x0x821x547/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzg2MGQwMjk2ZWQxYWIzOTQyZmI2Yzc2Mzc2YTM5N2EzLmpwZWc.webp?v=1636806828-VCvULmm31nd8WQT5P-sihXtl2s_jhqLLVU6Z36crMKk
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74966512f04924db3b8316e29302c21659f974c9c6fe9e3a553db2f51d8a700

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 15:14:58 GMT
x-mg-request-uuid
c6563e20-d4ed-4793-aeed-0f8b075fb5fe
age
3685868
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d57dba4e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38432
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2RjMDg4NWY4MjdlNjgwZmFkZDQ1M2YyZGUzZDIxYmUwLmpwZWc.webp
s-img.mgid.com/g/4074793/680x385/0x0x900x600/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4074793/680x385/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2RjMDg4NWY4MjdlNjgwZmFkZDQ1M2YyZGUzZDIxYmUwLmpwZWc.webp?v=1636806828-9BUkveDdI4hQluIbhlYwcm_cQsR0Wbi4YoKPQEOsH8c
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
783355953bbe7e1f4e9c05108a4c07199a3b0c9b291cbebfcc4b5583ac4b2143

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:17:36 GMT
x-mg-request-uuid
10cf831e-11f9-4dfd-b20e-baa22ecadfd5
age
62380
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dbd4e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23116
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc.webp
s-img.mgid.com/g/5097659/680x385/82x0x535x356/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097659/680x385/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc.webp?v=1636806828-CWGbJic-5RhjphIiKMNGlN53esZi-B_sk9KG5gVVYck
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd68965e8c0fcdaa2d8981f06470677ed0bcef645e55830ad135654e2af02059

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:44 GMT
x-mg-request-uuid
3f47e958-180b-47eb-9b59-e08f4f3d8396
age
3707717
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dbe4e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52030
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAyODU1NDc2ZmE2MDU5ZmRmODkyMjFlMzlkMGVlZDk3LmpwZWc.webp
s-img.mgid.com/g/3973213/680x385/0x0x899x599/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3973213/680x385/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAyODU1NDc2ZmE2MDU5ZmRmODkyMjFlMzlkMGVlZDk3LmpwZWc.webp?v=1636806828-wyyVQe3w2vQWWgN7dJoKdqwatOOT-WL94CcrM1Vz6rc
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bcd62b2aa20763962ef09ce1faa047971fe07e50f54dd4d1e23349e98d06e3

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:36:08 GMT
x-mg-request-uuid
b09c7023-eb7b-471b-a143-8696be7367c7
age
817212
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dc04e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13276
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc.webp
s-img.mgid.com/g/5097656/680x385/12x0x974x649/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097656/680x385/12x0x974x649/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc.webp?v=1636806828-3JoSsEb2_zknvdcO_4ZTlfYQyQpygmz5-cxBvYPR0LU
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6511c6b15d4c448c995938d19365a23d09870535e0f07ad19df1a23dbfdbfb46

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:28:31 GMT
x-mg-request-uuid
824cc567-b708-43b9-a0a1-0b7c46abec27
age
1334890
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dc14e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19864
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzMzOTg0MWNlZmYyN2RkNmYyNGRkYzI1MDQ1OGY4MjAwLmpwZz90PTE0ODgzMTAyNTY0ODM.webp
s-img.mgid.com/g/3805567/680x385/0x0x492x328/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805567/680x385/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzMzOTg0MWNlZmYyN2RkNmYyNGRkYzI1MDQ1OGY4MjAwLmpwZz90PTE0ODgzMTAyNTY0ODM.webp?v=1636806828-uof8DPD8hDTaHUm_eLx1KW2znPil8LXa5nDb4eKHFUs
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50615719936bc35316757bcb02395fefab2566e58d24573a1008ec133726b1b0

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:07:52 GMT
x-mg-request-uuid
465a7db3-c8ec-4492-a44a-dcfc9d7aa29d
age
74268
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dc34e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20840
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE2ODVmNjZmMDkwYWRmYzZmNmYwODQxZDlmZmMyMGRkLmpwZWc.webp
s-img.mgid.com/g/3885455/680x385/0x0x1021x680/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3885455/680x385/0x0x1021x680/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE2ODVmNjZmMDkwYWRmYzZmNmYwODQxZDlmZmMyMGRkLmpwZWc.webp?v=1636806828-XKHQRHdU1T799m2-1MQGkFFfp71x0udAJsSnerykJ4g
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b366ebedd73e588b51286728e2dc0e0037db6cc3e557d6f4a7ad604beae2fbcb

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 15:05:26 GMT
x-mg-request-uuid
8a33b070-01a9-4d9c-b3c2-774cda8edefc
age
3698016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58ddf4e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12206
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805431/680x385/0x0x1023x682/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805431/680x385/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1636806828-GfuymrccaD3vF0ltjjU9TyYvnQqDAC9VLJqWrGZMqI4
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6193d59408bbccb28c14923312541fc683c94a3611f43af8ecaa780cbdde408

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:29:50 GMT
x-mg-request-uuid
60aeafdf-35a1-43b7-b21c-37dfb4c0ca80
age
1120109
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de14e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74992
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2NlMDcxZjgyZjFjZWI0MDAzZGUzNWJhMzc4YzY5NDZmLmpwZWc.webp
s-img.mgid.com/g/6288120/680x385/0x18x754x502/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6288120/680x385/0x18x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2NlMDcxZjgyZjFjZWI0MDAzZGUzNWJhMzc4YzY5NDZmLmpwZWc.webp?v=1636806828-9GavUnF7TOUDZXNTuOxl5_SUSXdR758448OliEYZ0YM
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14eb182ca495ec7c5087d39c6ed180ac8cb5bf488549cf82f152435c394d161

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:47:41 GMT
x-mg-request-uuid
f5eb2361-473e-40cd-aa92-c305301a3b45
age
3686108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de34e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14362
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MwYmQ4NmI2YzVhNjUzYTc4NjY4OGQxN2VlZjY3OWJkLmpwZWc.webp
s-img.mgid.com/g/3866387/680x385/0x0x1000x666/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3866387/680x385/0x0x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MwYmQ4NmI2YzVhNjUzYTc4NjY4OGQxN2VlZjY3OWJkLmpwZWc.webp?v=1636806828-npTlUYtBK9wplr4MZlb_BLJ7UqN8Svs9l9eD6Ol5kgY
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b56a849804016eed9d3431f2f1c5cffe2d8423648584a867d9f31e0084d2a93

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:29:10 GMT
x-mg-request-uuid
5e657970-b8f5-4704-a66b-df747067c21f
age
3708005
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de44e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22136
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/680x385/16x0x492x328/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/680x385/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1636806828-Uy1O4Ig2xa5x3UClMMyFcaQ5A5VieFHTWuH_fTg2Fr8
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2bffc7500e6182a046a8c5f102eaa431ebe8574c63902360a430e3dfdc8971

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 08:55:23 GMT
x-mg-request-uuid
dbf86644-606d-42ae-9b40-5ca51f11ca7c
age
183540
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de54e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13086
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp
s-img.mgid.com/g/3961825/680x385/0x0x806x537/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3961825/680x385/0x0x806x537/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp?v=1636806828-hqkXyLJ_Vp9IxX6GkV6FP_yuRLDEKQYxCAYNve4yBN4
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fbd8d9e0fa95c1cfc90c9e436194063c8beb11205ea10964c849b0e1aee383

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:37 GMT
x-mg-request-uuid
e6715a9a-3dd7-44d0-b758-72e5e414b59e
age
1327336
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de64e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20858
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.mgid.com/g/8164868/680x385/0x183x565x376/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164868/680x385/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1636806828-HMqXMG8qWGTntjgEGkfBVsyzyTRvXyT0p9oppCL2FjI
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74082cd506834dcc8ee94dce64115b61b413e00d4c9cdee32c0dcef1cf0b1ac1

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 09:00:52 GMT
x-mg-request-uuid
877ab087-fc46-4e50-8b91-846f29bad7f8
age
184670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de74e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25864
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4M...
s-img.mgid.com/g/10881004/680x385/-/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881004/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4MWM3YjFlODE3Njg1Nzg3MzUuanBlZw.webp?v=1636806828-Gp676OHxxwqoVYlmYg-aZ14gyj9e-BIrUFpXVnPqxok
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f0996445cb4715ed149e1f3ca16835f41d8d012213516af2ea4708c4212137

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:47:09 GMT
x-mg-request-uuid
cf7bbf97-562d-4208-93f6-c4074803ef8a
age
3365068
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58de94e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7628
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzgzNGQwZTE0OTFhM2U3ODZjZmNlNGU3MTY3MTVhY2UxLmpwZWc.webp
s-img.mgid.com/g/5097653/680x385/0x0x800x533/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097653/680x385/0x0x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzgzNGQwZTE0OTFhM2U3ODZjZmNlNGU3MTY3MTVhY2UxLmpwZWc.webp?v=1636806828-6slYvtHfLT0asBUEkPCfNWMYM9KTf8H0qXxcg6EB3gE
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bcde0edaa7d961a524aa1759d884d0ffcf11de78a5d0200fc42127a7ef8fcd

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:26:52 GMT
x-mg-request-uuid
bc43c765-b04f-412c-940d-b82a10f3a6a9
age
3707593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d58dea4e5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43636
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame CABE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=a24a3912-4cf2-4507-8ca7-6bb2e6cccefe&expiration=1644755628
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Nov 2021 12:33:48 GMT
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1636806828037831747159
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdf803fc830c5f59f05e87c0fe242f839afd9a51abbd465147e9b9aefdfb131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d5dd7842e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 0F70 		19 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1636806828086627336872
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d61e1342e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
khaos.jpg
token.rubiconproject.com/ Frame 8004 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
usync.html
eus.rubiconproject.com/ Frame 8CF9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync.html
s.adtelligent.com/ Frame 7B2C 		1 KB
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:476:0:ec4:7aff:fe7e:de5e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 13 Nov 2021 12:33:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=ed3fc32a-1ee4-48c6-b18d-8d0449b3c158
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=ed3fc32a-1ee4-48c6-b18d-8d0449b3c158
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807da69b64345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=ed3fc32a-1ee4-48c6-b18d-8d0449b3c158
date
Sat, 13 Nov 2021 12:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=ladM0btP5Rx4
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ad807d67ebc696f-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=R3Ih0TYimkeiWqiJQpMi&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=R3Ih0TYimkeiWqiJQpMi&pi=mgid&tc=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d6b9594345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=R3Ih0TYimkeiWqiJQpMi&pi=mgid&tc=1
pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT, Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
mp.4dex.io/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=ladM0btP5Rx4
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp.4dex.io/setuid?bidder=bidswitch&uid=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000
cf-ray
6ad807d68edd5c6e-FRA
content-length
0
expires
0

Redirect headers

Location
//mp.4dex.io/setuid?bidder=bidswitch&uid=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=df68f151-ab4d-403f-9f99-5ef5e520a685&ttl=1639398828
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=df68f151-ab4d-403f-9f99-5ef5e520a685&ttl=1639398828
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d688ea4345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=df68f151-ab4d-403f-9f99-5ef5e520a685&ttl=1639398828
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
mw
mwzeom.zeotap.com/ 		95 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ladM0btP5Rx4&zpartnerid=1532&zdid=1532
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
cf-ray
6ad807d66d044a5c-FRA
access-control-allow-headers
*
content-length
95
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=ladM0btP5Rx4
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2044897065896456539&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=XaiZl4WjbSGlhM0ClR0qXz2x&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d6b9714345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=aedfd784-7c69-4ba6-a150-35f267800208&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=9b3313a6-e6bf-4ef0-978d-055bd6ef2df0
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=9b3313a6-e6bf-4ef0-978d-055bd6ef2df0
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ad807d7cbdd4345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=9b3313a6-e6bf-4ef0-978d-055bd6ef2df0
date
Sat, 13 Nov 2021 12:33:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFkTTBidFA1Ung0&muidn=ladM0btP5Rx4
  • https://cm.mgid.com/google?muidn=ladM0btP5Rx4&google_ula={guid},5&google_gid=CAESEEjExcwGFxMy4-xjLm61woo&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=ladM0btP5Rx4&google_ula={guid},5&google_gid=CAESEEjExcwGFxMy4-xjLm61woo&google_cver=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ad807d668a94345-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=ladM0btP5Rx4&google_ula={guid},5&google_gid=CAESEEjExcwGFxMy4-xjLm61woo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=ladM0btP5Rx4
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ad807d679b705b7-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 8CF9 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
99f1737b5914cb07c544213ac0e8ffd654bb155bf68d08a7de2d8cf5f75af7c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33454
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Sat, 13 Nov 2021 21:51:22 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzg2MGQwMjk2ZWQxYWIzOTQyZmI2Yzc2Mzc2YTM5N2EzLmpwZWc.webp
s-img.mgid.com/g/3959823/680x385/66x0x821x547/ Frame D673 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3959823/680x385/66x0x821x547/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzg2MGQwMjk2ZWQxYWIzOTQyZmI2Yzc2Mzc2YTM5N2EzLmpwZWc.webp?v=1636806828-VCvULmm31nd8WQT5P-sihXtl2s_jhqLLVU6Z36crMKk
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74966512f04924db3b8316e29302c21659f974c9c6fe9e3a553db2f51d8a700

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 15:14:58 GMT
x-mg-request-uuid
c6563e20-d4ed-4793-aeed-0f8b075fb5fe
age
3685868
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa43c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38432
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2RjMDg4NWY4MjdlNjgwZmFkZDQ1M2YyZGUzZDIxYmUwLmpwZWc.webp
s-img.mgid.com/g/4074793/680x385/0x0x900x600/ Frame D673 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4074793/680x385/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2RjMDg4NWY4MjdlNjgwZmFkZDQ1M2YyZGUzZDIxYmUwLmpwZWc.webp?v=1636806828-9BUkveDdI4hQluIbhlYwcm_cQsR0Wbi4YoKPQEOsH8c
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
783355953bbe7e1f4e9c05108a4c07199a3b0c9b291cbebfcc4b5583ac4b2143

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:17:36 GMT
x-mg-request-uuid
10cf831e-11f9-4dfd-b20e-baa22ecadfd5
age
62380
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa42c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23116
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc.webp
s-img.mgid.com/g/5097659/680x385/82x0x535x356/ Frame D673 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097659/680x385/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc.webp?v=1636806828-CWGbJic-5RhjphIiKMNGlN53esZi-B_sk9KG5gVVYck
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd68965e8c0fcdaa2d8981f06470677ed0bcef645e55830ad135654e2af02059

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:44 GMT
x-mg-request-uuid
3f47e958-180b-47eb-9b59-e08f4f3d8396
age
3707717
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa3fc29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52030
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAyODU1NDc2ZmE2MDU5ZmRmODkyMjFlMzlkMGVlZDk3LmpwZWc.webp
s-img.mgid.com/g/3973213/680x385/0x0x899x599/ Frame D673 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3973213/680x385/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAyODU1NDc2ZmE2MDU5ZmRmODkyMjFlMzlkMGVlZDk3LmpwZWc.webp?v=1636806828-wyyVQe3w2vQWWgN7dJoKdqwatOOT-WL94CcrM1Vz6rc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bcd62b2aa20763962ef09ce1faa047971fe07e50f54dd4d1e23349e98d06e3

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:36:08 GMT
x-mg-request-uuid
b09c7023-eb7b-471b-a143-8696be7367c7
age
817212
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa41c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13276
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc.webp
s-img.mgid.com/g/5097656/680x385/12x0x974x649/ Frame D673 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097656/680x385/12x0x974x649/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc.webp?v=1636806828-3JoSsEb2_zknvdcO_4ZTlfYQyQpygmz5-cxBvYPR0LU
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6511c6b15d4c448c995938d19365a23d09870535e0f07ad19df1a23dbfdbfb46

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:28:31 GMT
x-mg-request-uuid
824cc567-b708-43b9-a0a1-0b7c46abec27
age
1334890
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa4ec29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19864
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzMzOTg0MWNlZmYyN2RkNmYyNGRkYzI1MDQ1OGY4MjAwLmpwZz90PTE0ODgzMTAyNTY0ODM.webp
s-img.mgid.com/g/3805567/680x385/0x0x492x328/ Frame D673 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805567/680x385/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzMzOTg0MWNlZmYyN2RkNmYyNGRkYzI1MDQ1OGY4MjAwLmpwZz90PTE0ODgzMTAyNTY0ODM.webp?v=1636806828-uof8DPD8hDTaHUm_eLx1KW2znPil8LXa5nDb4eKHFUs
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50615719936bc35316757bcb02395fefab2566e58d24573a1008ec133726b1b0

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:07:52 GMT
x-mg-request-uuid
465a7db3-c8ec-4492-a44a-dcfc9d7aa29d
age
74268
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa4fc29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20840
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE2ODVmNjZmMDkwYWRmYzZmNmYwODQxZDlmZmMyMGRkLmpwZWc.webp
s-img.mgid.com/g/3885455/680x385/0x0x1021x680/ Frame D673 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3885455/680x385/0x0x1021x680/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE2ODVmNjZmMDkwYWRmYzZmNmYwODQxZDlmZmMyMGRkLmpwZWc.webp?v=1636806828-XKHQRHdU1T799m2-1MQGkFFfp71x0udAJsSnerykJ4g
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b366ebedd73e588b51286728e2dc0e0037db6cc3e557d6f4a7ad604beae2fbcb

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 15:05:26 GMT
x-mg-request-uuid
8a33b070-01a9-4d9c-b3c2-774cda8edefc
age
3698016
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa51c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12206
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805431/680x385/0x0x1023x682/ Frame D673 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805431/680x385/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1636806828-GfuymrccaD3vF0ltjjU9TyYvnQqDAC9VLJqWrGZMqI4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6193d59408bbccb28c14923312541fc683c94a3611f43af8ecaa780cbdde408

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:29:50 GMT
x-mg-request-uuid
60aeafdf-35a1-43b7-b21c-37dfb4c0ca80
age
1120109
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa52c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74992
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2NlMDcxZjgyZjFjZWI0MDAzZGUzNWJhMzc4YzY5NDZmLmpwZWc.webp
s-img.mgid.com/g/6288120/680x385/0x18x754x502/ Frame D673 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6288120/680x385/0x18x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2NlMDcxZjgyZjFjZWI0MDAzZGUzNWJhMzc4YzY5NDZmLmpwZWc.webp?v=1636806828-9GavUnF7TOUDZXNTuOxl5_SUSXdR758448OliEYZ0YM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14eb182ca495ec7c5087d39c6ed180ac8cb5bf488549cf82f152435c394d161

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:47:41 GMT
x-mg-request-uuid
f5eb2361-473e-40cd-aa92-c305301a3b45
age
3686108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa53c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14362
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MwYmQ4NmI2YzVhNjUzYTc4NjY4OGQxN2VlZjY3OWJkLmpwZWc.webp
s-img.mgid.com/g/3866387/680x385/0x0x1000x666/ Frame D673 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3866387/680x385/0x0x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MwYmQ4NmI2YzVhNjUzYTc4NjY4OGQxN2VlZjY3OWJkLmpwZWc.webp?v=1636806828-npTlUYtBK9wplr4MZlb_BLJ7UqN8Svs9l9eD6Ol5kgY
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b56a849804016eed9d3431f2f1c5cffe2d8423648584a867d9f31e0084d2a93

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:29:10 GMT
x-mg-request-uuid
5e657970-b8f5-4704-a66b-df747067c21f
age
3708005
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa45c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22136
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/680x385/16x0x492x328/ Frame D673 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/680x385/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1636806828-Uy1O4Ig2xa5x3UClMMyFcaQ5A5VieFHTWuH_fTg2Fr8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2bffc7500e6182a046a8c5f102eaa431ebe8574c63902360a430e3dfdc8971

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 08:55:23 GMT
x-mg-request-uuid
dbf86644-606d-42ae-9b40-5ca51f11ca7c
age
183540
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa46c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13086
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp
s-img.mgid.com/g/3961825/680x385/0x0x806x537/ Frame D673 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3961825/680x385/0x0x806x537/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp?v=1636806828-hqkXyLJ_Vp9IxX6GkV6FP_yuRLDEKQYxCAYNve4yBN4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fbd8d9e0fa95c1cfc90c9e436194063c8beb11205ea10964c849b0e1aee383

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:37 GMT
x-mg-request-uuid
e6715a9a-3dd7-44d0-b758-72e5e414b59e
age
1327336
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa47c29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20858
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.mgid.com/g/8164868/680x385/0x183x565x376/ Frame D673 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164868/680x385/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1636806828-HMqXMG8qWGTntjgEGkfBVsyzyTRvXyT0p9oppCL2FjI
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74082cd506834dcc8ee94dce64115b61b413e00d4c9cdee32c0dcef1cf0b1ac1

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 09:00:52 GMT
x-mg-request-uuid
877ab087-fc46-4e50-8b91-846f29bad7f8
age
184670
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa4ac29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25864
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4M...
s-img.mgid.com/g/10881004/680x385/-/ Frame D673 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881004/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4MWM3YjFlODE3Njg1Nzg3MzUuanBlZw.webp?v=1636806828-Gp676OHxxwqoVYlmYg-aZ14gyj9e-BIrUFpXVnPqxok
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f0996445cb4715ed149e1f3ca16835f41d8d012213516af2ea4708c4212137

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:47:09 GMT
x-mg-request-uuid
cf7bbf97-562d-4208-93f6-c4074803ef8a
age
3365068
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa4bc29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7628
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzgzNGQwZTE0OTFhM2U3ODZjZmNlNGU3MTY3MTVhY2UxLmpwZWc.webp
s-img.mgid.com/g/5097653/680x385/0x0x800x533/ Frame D673 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097653/680x385/0x0x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzgzNGQwZTE0OTFhM2U3ODZjZmNlNGU3MTY3MTVhY2UxLmpwZWc.webp?v=1636806828-6slYvtHfLT0asBUEkPCfNWMYM9KTf8H0qXxcg6EB3gE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsweek.com.734388.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bcde0edaa7d961a524aa1759d884d0ffcf11de78a5d0200fc42127a7ef8fcd

Request headers

Referer
https://www.newsweek.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:26:52 GMT
x-mg-request-uuid
bc43c765-b04f-412c-940d-b82a10f3a6a9
age
3707593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ad807d6aa4dc29a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43636
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84B0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38074
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:48 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5550 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E663 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38074
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:48 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EC59 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 4B4F 		638 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
34f8effad515000aac7e68be60523f14650a6d8c1f7acfd643da94526d3506f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html
content-length
429
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame 85DB 		638 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
34f8effad515000aac7e68be60523f14650a6d8c1f7acfd643da94526d3506f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html
content-length
429
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D802 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38074
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:48 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4826 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=38074
expires
Sat, 13 Nov 2021 23:08:22 GMT
date
Sat, 13 Nov 2021 12:33:48 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1CF0 		538 B
656 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
6f36e6ca9d7ccb6cacb5abf948ba9dacddba3e72fc9637a85f1c6b0d1fe8db4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html
content-length
338
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
u.openx.net/w/1.0/ Frame EC1E 		538 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
6f36e6ca9d7ccb6cacb5abf948ba9dacddba3e72fc9637a85f1c6b0d1fe8db4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html
content-length
338
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame CE71 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame B735 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
cookie-sync
match.prod.bidr.io/ Frame 85DB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFKdk7DH2EAACmlG-7c4w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Sat, 13 Nov 2021 12:33:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:427
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame 85DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 12:33:47 GMT
sd
us-u.openx.net/w/1.0/ Frame 85DB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 85DB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 85DB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=9e380bed-1816-30b4-6475-412f47187c35&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 85DB 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
match.prod.bidr.io/ Frame 4B4F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFKdk7DH2EAACmlG-7c4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAFKdk7DH2EAACmlG-7c4w&pid=558502&do=add
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAFKdk7DH2EAACmlG-7c4w&pid=558502&do=add
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
52.49.53.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:49 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAFKdk7DH2EAACmlG-7c4w&pid=558502&do=add
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-42wx9
expires
-1
sd
eu-u.openx.net/w/1.0/ Frame 4B4F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d337618f-b0a9-4000-804c-2a0da40c5b92
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 12:33:47 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B4F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=NxsfrWMaRqosGxP8YEkK_zAZFP0sEhPzOUm6ZYNH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4B4F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6227458662698629402
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4B4F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=9e380bed-1816-30b4-6475-412f47187c35&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4B4F 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.adtelligent.com/ Frame 7B2C 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 84B0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9048224&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
11fad5790dad6ad4d5b6caec0674c9a6ea62220e5ffdc30a4cb90ea927416dee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1808
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 1CF0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 1CF0
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=QW6B0bGQiZqCAQ2YlAFGjw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
a43f4riivfepk1g7eqnum6uuvq790d30

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0aff6da9-88ba-a2fd-55a2-57dab84fb17c
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1CF0 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0aff6da9-88ba-a2fd-55a2-57dab84fb17c?gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1CF0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1CF0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Date
Sat, 13 Nov 2021 12:33:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 1CF0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0299b6fa-36d2-4c95-b426-1095cf404e75
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EC1E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3878890920847137775&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame EC1E
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=QW6B0bGQiZqCAQ2YlAFGjw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
1qdebqoik9mjrd6mrkevkafhale71uo4

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0aff6da9-88ba-a2fd-55a2-57dab84fb17c
pr-bh.ybp.yahoo.com/sync/openx/ Frame EC1E 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0aff6da9-88ba-a2fd-55a2-57dab84fb17c?gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EC1E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LjRkZnva1MLSe85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EC1E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=aedfd784-7c69-4ba6-a150-35f267800208
Date
Sat, 13 Nov 2021 12:33:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame EC1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f91f7f1-a53a-4913-8141-ede63b773f49
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7652432736333484131
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B027 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 1618 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=28113
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=7652432736333484131&pubId=28113
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=7652432736333484131&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
X-Proxy-Origin
91.199.118.72; 91.199.118.72; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d6886ed1-7198-463e-acda-6001e576eec1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=7652432736333484131&pubId=28113
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uuid
nodeny.targetspot.com/callback/ Frame 5D59 		0
0
sync
odr.mookie1.com/t/v2/ Frame 5D59
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triton&stn=T_I_M
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aedfd784-7c69-4ba6-a150-35f267800208&ssp=triton&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aedfd784-7c69-4ba6-a150-35f267800208&ssp=triton&gdpr=&gdpr_consent=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=aedfd784-7c69-4ba6-a150-35f267800208&ssp=triton&gdpr=&gdpr_consent=
Date
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 5D59 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=T_I_M
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D28113
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=45010bbee659c47fc5a3cef2f41b7944&pubId=28113
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=45010bbee659c47fc5a3cef2f41b7944&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Server
Apache-Coyote/1.1
X-Adswizz-request-id
f38b0da0-447d-11ec-9b69-020784b86359
Instance-id
i-0dff07dc6263007cb
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=45010bbee659c47fc5a3cef2f41b7944&pubId=28113
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=133&uid=f7914556-1b99-4301-8bca-4a7ca386e87b&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubI...
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=622165913475&pubId=28113
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=622165913475&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=622165913475&pubId=28113
CookieSyncTriton
rtb.adentifi.com/ Frame 5D59 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.236.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-236-19.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D28113
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=d337618f-b0a9-4000-804c-2a0da40c5b92&pubId=28113
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=d337618f-b0a9-4000-804c-2a0da40c5b92&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=d337618f-b0a9-4000-804c-2a0da40c5b92&pubId=28113
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Nov 2021 12:33:47 GMT
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D28113
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=cto&uid=no-consent&pubId=28113
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=cto&uid=no-consent&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=cto&uid=no-consent&pubId=28113
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel.gif
cmod.live.streamtheworld.com/cookiesync/ Frame 5D59
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=T_I_M
  • https://cmod.live.streamtheworld.com/cookiesync/pixel.gif?partner=dbm&uid=CAESECu_9824IzXmMKCNnw5Fd60&stn=T_I_M&google_cver=1
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmod.live.streamtheworld.com/cookiesync/pixel.gif?partner=dbm&uid=CAESECu_9824IzXmMKCNnw5Fd60&stn=T_I_M&google_cver=1
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Server
192.173.28.145 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cmod.live.streamtheworld.com/cookiesync/pixel.gif?partner=dbm&uid=CAESECu_9824IzXmMKCNnw5Fd60&stn=T_I_M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.php
gu.dyntrk.com/adx/trtn/ Frame 5D59 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/trtn/us.php?dynk=tr26t81n&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Ddyn%26uid%3D%5BDYNADMIC_UID%5D%26pubId%3D28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193670.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 5D59
Redirect Chain
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D28113
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3878890920847137775&pubId=28113
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3878890920847137775&pubId=28113
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Protocol
H2
Server
208.80.55.87 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=3878890920847137775&pubId=28113
pragma
no-cache
date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatch
ssum-sec.casalemedia.com/ Frame 5BAF 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 5B8D 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=undefined&d=https://www.newsweek.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 13 Nov 2021 12:33:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Nov 2021 12:33:48 GMT
Connection
keep-alive
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 77A0
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 13 Nov 2021 12:33:49 GMT
via
1.1 varnish
x-served-by
cache-fra19154-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636806829.990432,VS0,VE12
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 varnish
x-served-by
cache-fra19133-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636806829.953710,VS0,VE9
x-vcl-time-ms
9
content-length
0
usersync
match.bnmla.com/ Frame EBCC 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 13 Nov 2021 12:33:49 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 10DC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LjRkZnva1MLSe85&gdpr=0&gdpr_consent=
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LjRkZnva1MLSe85&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug017:0:722
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 13 Nov 2021 12:33:48 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LjRkZnva1MLSe85&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B8AC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC16BD8812594D63B2B9EA6DEEC5A06C
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC16BD8812594D63B2B9EA6DEEC5A06C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:47 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug015:0:458
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC16BD8812594D63B2B9EA6DEEC5A06C
expires
Fri, 12 Nov 2021 12:33:48 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 82BD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=So-YXIF7Rb1uAbJtKWXtUFvHdkg
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=So-YXIF7Rb1uAbJtKWXtUFvHdkg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 13 Nov 2021 12:33:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug009:0:334
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sat, 13 Nov 2021 12:33:49 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=So-YXIF7Rb1uAbJtKWXtUFvHdkg
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 84B0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8A3413E-B039-465D-BAAD-4DAC41B05914&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8A3413E-B039-465D-BAAD-4DAC41B05914&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8A3413E-B039-465D-BAAD-4DAC41B05914&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Sat, 13 Nov 2021 12:33:49 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8A3413E-B039-465D-BAAD-4DAC41B05914&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 84B0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:47 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E8A3413E-B039-465D-BAAD-4DAC41B05914&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 84B0 		95 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ad807d8d9444a5c-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 84B0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E8A3413E-B039-465D-BAAD-4DAC41B05914
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
HTTP/1.1
Server
54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-81-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 12:33:49 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 13 Nov 2021 12:33:49 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 84B0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f3c3aacb-447d-11ec-9781-7194727bb9b2&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f3c3aacb-447d-11ec-9781-7194727bb9b2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:48 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:563
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f3c3aacb-447d-11ec-9781-7194727bb9b2&gdpr=0&gdpr_consent=
Date
Sat, 13 Nov 2021 12:33:48 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
f3c3aacc-447d-11ec-9781-7194727bb9b2
khaos.jpg
token.rubiconproject.com/ Frame 8CF9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
aFRjdzF/DZHh+rYelBbjK34hNPbsk4I/eOnO1LaoNiF6cfT7H0uNorDgGmZW1PX7c/trrvJlAmzM1oTu9W6pMQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 13 Nov 2021 12:33:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5e9e00b619144f0012bc03cf
api.pushnami.com/scripts/v1/pushnami-adv/ 		404 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-114.fra2.r.cloudfront.net
Software
/
Resource Hash
527868c770ef179e8346dd82e084d21799a65be6ccc7514969d66656bd68503b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:24:01 GMT
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age
588
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
FRA2-C1
content-encoding
gzip
x-amz-cf-id
gphIxq0HzhCdizVMvBmuff_rMKSESSW-syz2dYjMBN0Uu4qq8jbpwQ==
partner
sync.search.spotxchange.com/ 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 13 Nov 2021 12:33:49 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
71
Connection
keep-alive
Content-Length
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6972086/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:31:46 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
NtE6D0dlkxQpqfNe72jXDRNsK9WIpeWiRDuD9dykfFNPPW8_Q8h-YQ==

Redirect headers

date
Sat, 13 Nov 2021 12:33:49 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
9-UdxlxEsAjagIDuxLorVWLdRmeoWqfAjkJiMoP676I7YwPgOZ9U4A==
496391994180701
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/496391994180701?v=2.9.48&r=stable
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe54b5127cc6707048a0042f4477cd02d27edd5e08690a3ad70ac63ec6d3af66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89313
x-xss-protection
0
pragma
public
x-fb-debug
dVihu/ai5KrN3T4Okf6a+DA4NMREb/324EhlVcs6zNGqvGyYvn/v07O9tPjt3mZMv8R5uR5CaFd2p1wkEHlRaw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 13 Nov 2021 12:33:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
hub
api.pushnami.com/scripts/v1/ Frame 8466 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-114.fra2.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/html; charset=utf-8
date
Sat, 13 Nov 2021 11:50:33 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
oxyygruUgC_0dNBrk5aezgtMF6_a5HDnxlpRrspdpkcSuLI-5h7aig==
age
2596
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-50-145.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.newsweek.com/
key
5e9e00b619144f0012bc03cf
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:49 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-50-145.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&rl=&if=false&ts=1636806829170&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636806829168.1666186972&it=1636806829062&coo=false&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 13 Nov 2021 12:33:49 GMT
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.124.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-124-237.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.newsweek.com/
key
5e9e00b619144f0012bc03cf
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.124.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-124-237.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.newsweek.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
v3_270443_4020.json
player.spotim.market/prebidlink/2728011/ Frame D230 		276 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/2728011/v3_270443_4020.json?cb=www.newsweek.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2c33e1379a8c126e1a41ded8a3a513ffc5da1f2ca8b3f21313f29345d022bd39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:06 GMT
server
nginx/1.18.0
etag
W/"618e7942-44ec7"
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
expires
Sat, 13 Nov 2021 13:33:49 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
v3_270443_4020.json
player.spotim.market/prebidlink/2728011/ Frame 6FC1 		276 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/2728011/v3_270443_4020.json?cb=www.newsweek.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/454668/wrapper_hb_270443_4020.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2c33e1379a8c126e1a41ded8a3a513ffc5da1f2ca8b3f21313f29345d022bd39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 14:25:06 GMT
server
nginx/1.18.0
etag
W/"618e7942-44ec7"
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
expires
Sat, 13 Nov 2021 13:33:49 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
www.facebook.com/tr/ Frame 13F5 		0
108 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.newsweek.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
date
Sat, 13 Nov 2021 12:33:50 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1362449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3279
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hOY7ZRVG4FOyZBdg%2BeTE1dyef5JkxmiWEuheNkXROMxGKt8jYyWBrHOsN%2FVZGZkImaqsw6ZCg50W65glUygyaowauSYAGcGzQQrpAtxpvecICUF6Y83nabanSsZlbVy8tHuAF%2BcjfghHZ%2BX%2F9iF4Ihq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ad807e26a296973-FRA
expires
Thu, 03 Nov 2022 12:33:50 GMT
css
fonts.googleapis.com/ 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 12:03:27 GMT
server
ESF
date
Sat, 13 Nov 2021 12:33:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 12:33:50 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 84B0 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806830991&tgt=0&&AV_VI=73&AV_VID=0&d4=3&d5=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:11 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545628832&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806830992&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647348&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806830992&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647358&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806830992&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545694942&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806830992&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=544085322&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806830992&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806830995&asid=60feac4ce03fa73380094e24%2C60f8569c4715e155ed794d35%2C61113cee6b87b82c901965fc%2C61113d66a42da955751a8568%2C614875aa3f4a8c1c94515a83%2C60b8f0b10b77a80da5449b88%2C60f84cc174472351b879a059%2C61309c449070072bf8053a8f%2C6145f6478212a71e64511bed%2C613ef890aabbcc1fe20065e5%2C614b567f9101b84b0b7a8835%2C6123c78d153d805ac51f3494%2C615f1551a5871a3d5225639c%2C610a78a0f82fe519c712a5c5&ofpr=5.5%2C%2C%2C%2C%2C%2C5.5%2C8.8%2C3.53%2C13.65%2C3.61%2C5.5%2C5.5%2C2.56&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000339
X-SpotX-Timing-SpotMarket
0.005145
X-SpotX-Timing-Page-Mux
0.001877
X-SpotX-Timing-Page-Require
0.000329
X-fe
116
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.012265
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000306
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005145
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.004230
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca469ed8abd3e3e56ff48a67c98bfe747cc3b3d8ad1ab545f39865eb626e4c7

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5686be3c-69b6-4154-b2b7-e2aae066e318&nocache=1636806831009&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545712395&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2251d41c84cce9f6b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252b6b45ecc1d5eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f6c6accb7e542c3bc48d84d4ec2d1360bd96825956d858f6fc7095776b1d1b2

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:51 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000570
X-SpotX-Timing-SpotMarket
0.007562
X-SpotX-Timing-Page-Mux
0.001081
X-SpotX-Timing-Page-Require
0.000459
X-fe
090
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
X-SpotX-Timing-Page
0.012907
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000419
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007562
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002768
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9aa11438-6ab9-4e9f-9803-732184641fe7&nocache=1636806831014&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545663990&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
a14a285ec68902299fcfba7158800035f7bc7378a1dcfa54c6b63da58fed5e25

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806831207&tgt=0&&AV_VI=0&AV_VID=3178.390625&d4=3&d5=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:11 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=82672&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827034-953941052763-008499-003-008044&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97768579429&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&d9=1000&d37=realtime1&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61828478d7375b75c9123cf8&e=request&cb=1636806831209&asid=610a78a0f82fe519c712a5c5%2C614ca74a3f22850e2c64516b%2C613f3a604851872cdd37e8ae%2C6167f722f4f5be3f3b74f7ac%2C6145f6478212a71e64511bed%2C614b567f9101b84b0b7a8835%2C61312cb99bd61a2e0c1d0f94%2C61312c6f520a741f1b4d5991%2C614337343965e665fb4b2067%2C614c4a387c7c2f0b100ab1b1%2C614ca70120845e08015d7cfc%2C61309c449070072bf8053a8f&ofpr=2.56%2C2.75%2C4.6%2C3.56%2C3.53%2C3.61%2C9.44%2C2.93%2C2.36%2C3.26%2C3.61%2C8.8&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000352
X-SpotX-Timing-SpotMarket
0.004425
X-SpotX-Timing-Page-Mux
0.001021
X-SpotX-Timing-Page-Require
0.000546
X-fe
100
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
X-SpotX-Timing-Page
0.011298
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000461
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004425
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.004441
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000358
X-SpotX-Timing-SpotMarket
0.005200
X-SpotX-Timing-Page-Mux
0.000943
X-SpotX-Timing-Page-Require
0.000340
X-fe
032
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.010086
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000331
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005200
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.002877
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000916
X-SpotX-Timing-SpotMarket
0.005086
X-SpotX-Timing-Page-Mux
0.000844
X-SpotX-Timing-Page-Require
0.000279
X-fe
032
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.010446
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000258
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005086
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003021
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
316720
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/316720?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000372
X-SpotX-Timing-SpotMarket
0.005940
X-SpotX-Timing-Page-Mux
0.001072
X-SpotX-Timing-Page-Require
0.000432
X-fe
014
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.011268
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000315
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005940
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003098
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000352
X-SpotX-Timing-SpotMarket
0.005226
X-SpotX-Timing-Page-Mux
0.001020
X-SpotX-Timing-Page-Require
0.000296
X-fe
103
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.011565
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000249
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005226
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.004371
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000021
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22775a99153216ec4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278e0d3686141fcc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.26%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5658d2e96e8b574fe84cdba7fb5344fe8ec4f9624403ee24685929a8f91ce52b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:51 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000304
X-SpotX-Timing-SpotMarket
0.004767
X-SpotX-Timing-Page-Mux
0.001121
X-SpotX-Timing-Page-Require
0.000292
X-fe
020
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.010874
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000260
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004767
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.004091
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22812bcb141a514c9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22820682c9fa672f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f683d45e98691b2f1a91ee5a3c537bfe66be72d969348f0c80b346086e244dad

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:51 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806831245&tgt=0&&AV_VI=73&AV_VID=0&d4=4&d5=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:11 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=544085322&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806831246&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647348&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806831246&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545628832&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806831246&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806831246&asid=60feac4ce03fa73380094e24%2C60feac2869247575ad0d8bb6%2C6123c5357a7c2e7070230821%2C6135f55d4148b660af7468ca%2C613f55f2b41dd2740e4a5bd1%2C60d9d6ef557a6a44827e2b17%2C60f84cc174472351b879a059%2C61113cee6b87b82c901965fc%2C613ef890aabbcc1fe20065e5%2C610a78a0f82fe519c712a5c5%2C60f8569c4715e155ed794d35%2C614ca70120845e08015d7cfc%2C6123c78d153d805ac51f3494%2C60ec36ec2d3e404656368d06&ofpr=5.5%2C5.5%2C5.5%2C5.5%2C5.5%2C%2C5.5%2C%2C13.65%2C2.56%2C%2C3.61%2C5.5%2C7.445&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2261c67e094a91977%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226292d9439860bb7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B310%2C253%5D%5D%2C%22w%22%3A310%2C%22h%22%3A253%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.56%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_vNTS7w0J%22%2C%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57358efdf2dc46cb220a3cbb45c8e914b7eda53673a69adaa2a47a77edeff562

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.72], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sat, 13 Nov 2021 12:33:51 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d3e52e69-184b-40b0-a458-4383b719e3b5&nocache=1636806831254&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545663990&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e400ca183538fec825251c3f0a11ab0b88011a58fa5de1d5775f7a279b445300

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
8208435e623bb148f9a5b3e6a0759e7aea6138cde3d0a69a4257f71a0e9e20e6

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
9fbfca6b909c040e978a7c8e8471531e2c03e4af349c02263586dca5f1102fab

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
16c79c55434a5e900ee21a4fe22011d460398bbc7e9dce025a6a8a0e462c0657

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000313
X-SpotX-Timing-SpotMarket
0.005514
X-SpotX-Timing-Page-Mux
0.001157
X-SpotX-Timing-Page-Require
0.000479
X-fe
059
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
X-SpotX-Timing-Page
0.011234
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000469
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005514
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003254
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:51 GMT
X-SpotX-Timing-Transform
0.000320
X-SpotX-Timing-SpotMarket
0.003710
X-SpotX-Timing-Page-Mux
0.001043
X-SpotX-Timing-Page-Require
0.000468
X-fe
114
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000018
X-SpotX-Timing-Page
0.009088
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000379
Last-Modified
Sat, 13 Nov 2021 12:33:51 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003710
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003133
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=032d6fb7-2d61-432d-9a8b-5d1632ea153f&nocache=1636806831261&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545663988&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
d5b4ef7b6d923614cc4dd27570e7f95c8df504dea5af1d3ddcc775e45b0ba4da

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
implement-r.js
fqtag.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4e9fb77522b8c03b36b0df30b4d795dcea3dae457825f7dbedf58d427410b64e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2172
x-xss-protection
0
expires
0
pixel.js
cdn.fqtag.com/1.27.339-ccfb11a/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.36.172 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:13:42 GMT
age
1209
x-guploader-uploadid
ADPycdvG1MrM9EKl16G0i8hu309AZNl_AJtKFZYmOM1DxolSPFz0zmmAGj158mzHpRoOpalJiZ4EqQSdqU6f1Axa5Bk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89647
last-modified
Wed, 27 Jan 2021 19:48:44 GMT
server
UploadServer
etag
"e0eff30579598f76147c9ea12f490d21"
x-goog-hash
crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
content-language
en
x-goog-generation
1611776924905378
x-goog-expiration
Sun, 11 Nov 2294 19:48:44 GMT
cache-control
public, max-age=3600
x-goog-stored-content-length
89647
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 13 Nov 2021 13:13:42 GMT
pixel
fqtag.com/ 		0
10 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/pixel
Requested by
Host: cdn.fqtag.com
URL: https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806831419&tgt=0&&AV_VI=0&AV_VID=3178.390625&d4=4&d5=4
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:12 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=82672&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827034-953941052763-008499-003-008044&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97768579429&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&d9=1000&d37=realtime1&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=61828478d7375b75c9123cf8&e=request&cb=1636806831420&asid=6167f722f4f5be3f3b74f7ac%2C6145f6478212a71e64511bed%2C613f3a604851872cdd37e8ae&ofpr=3.56%2C3.53%2C4.6&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=82672&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827034-953941052763-008499-003-008044&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97768579429&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=pitc&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&cd7=row1-column1&d9=1000&d37=realtime1&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Nov 2021 12:33:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixels
pix.spot.im/api/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vNTS7w0J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-53.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806834471&tgt=0&&AV_VI=73&AV_VID=0&d4=5&d5=7
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:15 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545694942&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834472&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545638985&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834472&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=544085322&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834472&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647358&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834472&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806834472&asid=60feac4ce03fa73380094e24%2C614875aa3f4a8c1c94515a83%2C6107bcb23e6e2545e528c935%2C615f1551a5871a3d5225639c%2C60b8f0b10b77a80da5449b88%2C60f84cc174472351b879a059%2C6145f6478212a71e64511bed%2C614b567f9101b84b0b7a8835%2C60ec36ec2d3e404656368d06%2C60feac2869247575ad0d8bb6%2C6145f6066113ab6dad4d782a%2C61113d66a42da955751a8568%2C614ca70120845e08015d7cfc%2C6123c5357a7c2e7070230821&ofpr=5.5%2C%2C%2C5.5%2C%2C5.5%2C3.53%2C3.61%2C7.445%2C5.5%2C3.32%2C%2C3.61%2C5.5&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e14bf3b2258b56e6788da675f193addb19321144269e7edc3116564a11491543

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
21ab438e5eea8e502cab483479b9b921cd30e6026d1382cda33690490d955113

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:54 GMT
X-SpotX-Timing-Transform
0.001250
X-SpotX-Timing-SpotMarket
0.008187
X-SpotX-Timing-Page-Mux
0.001012
X-SpotX-Timing-Page-Require
0.000307
X-fe
014
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.015140
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000279
Last-Modified
Sat, 13 Nov 2021 12:33:54 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.008187
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.004067
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f72da5d5-b2c7-43b1-87cd-2fa62cb1d5d1&nocache=1636806834484&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545712395&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6c0cad4b-0074-429a-b92a-b4a3a529e021&nocache=1636806834486&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545663988&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
308962
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/308962?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Nov 2021 12:33:54 GMT
X-SpotX-Timing-Transform
0.000390
X-SpotX-Timing-SpotMarket
0.006098
X-SpotX-Timing-Page-Mux
0.001352
X-SpotX-Timing-Page-Require
0.000615
X-fe
016
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
X-SpotX-Timing-Page
0.012616
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000471
Last-Modified
Sat, 13 Nov 2021 12:33:54 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006098
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newsweek.com
X-SpotX-Timing-Page-Misc
0.003638
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
57a1ce6a464cb160f6e924508226a255713ef8684ba52bc1ff781cf6da0d5835

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:54 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806834668&tgt=0&&AV_VI=0&AV_VID=3178.390625&d4=5&d5=8
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:15 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=2774da537284ea90966d4f68a811cab4_1723154173&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827343-918702922763-005943-007-001806&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=conversation_header_siderail&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6016e744dd1cb968d906f916&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&d36=6.1.2.85&sver=1&avtoken=826567&AV_WIDTH=310&AV_HEIGHT=253&AV_DNT=0&cb=6806834713&tgt=0&&AV_VI=73&AV_VID=0&d4=6&d5=8
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:15 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=544085322&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834714&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545638985&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834714&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545647359&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834714&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
spot-im-d.openx.net/v/1.0/ 		48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/av?auid=545628832&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806834714&vwd=310&vht=253
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.newsweek.com&rs=www.newsweek.com&sid=95279&t=1636806827&cip=91.199.118.72&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=310&he=253&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1636806827343-918702922763-005943-007-001806&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=24252733482&cd6=true&cd7=row1-column1&cd1=sp_vNTS7w0J&cd2=Desktop&cd3=conversation_header_siderail&cd4=696641cb-0958-4cfe-9528-2bd52ced2345&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&d9=1000&d37=realtime1&AV_WIDTH=310&AV_HEIGHT=253&nid=5e0e296628a061270b21ccab&ncid=6016e744dd1cb968d906f916&e=request&cb=1636806834714&asid=60feac4ce03fa73380094e24%2C6135f55d4148b660af7468ca%2C60d9d6ef557a6a44827e2b17%2C61309c449070072bf8053a8f%2C6145f6066113ab6dad4d782a%2C615f1551a5871a3d5225639c%2C6107bcb23e6e2545e528c935%2C61113d9c30d7241a532153f1%2C60fecb1fcacdfd5b6a5243b7%2C60feac2869247575ad0d8bb6%2C60f84cc174472351b879a059%2C613f55f2b41dd2740e4a5bd1&ofpr=5.5%2C5.5%2C%2C8.8%2C3.32%2C5.5%2C%2C%2C%2C5.5%2C5.5%2C5.5&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.242.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-242-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 12:33:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
c66da0325b852265a9c4d09067e8bb85dad6b8081953fd376b76202ec16c22cd

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
f7bf4fbf497360e80618e2be266274d02a15d555c93202e27076e5772d2eb7fc

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
894eb967c30bf1def47148fb71f3635a7e856cad4c3c8800cfcd21cc088ad088

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
25e3d8a882cb6c23fb986f3e2d5a4c4a09807a7a23a81416b2c4b016a68e3d0a

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
669cc72874b0a8266004f98a8d435e1acce502e8eb9d1c5eba43263d36538d2c

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.newsweek.com
date
Sat, 13 Nov 2021 12:33:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
spot-im-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bc1561b9-3003-4492-b4f3-7244c1e1d18e&nocache=1636806834724&pubcid=3c16b188-8114-467a-8d00-5e50b42b8f6e&schain=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A310%2C%22h%22%3A253%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545712395&vwd=310&vht=253&aumfs=5500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 12:33:55 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newsweek.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=783ee43972b68b854ee686ba35ae9ee8_1723163249&wpm=&ssrtb=&pbjs=&tms=450&AV_C_USER_ID=1636806827034-953941052763-008499-003-008044&AV_CDIM1=sp_vNTS7w0J&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_vNTS7w0J%2C1%2C%2C%2C&AV_CDIM4=696641cb-0958-4cfe-9528-2bd52ced2345&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_CDIM7=row1-column1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=61828478d7375b75c9123cf8&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.newsweek.com&AV_DADPOS=3&AV_PLACEMENT=1&d36=6.1.2.85&sver=1&avtoken=826595&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=6806834852&tgt=0&&AV_VI=0&AV_VID=3178.390625&d4=6&d5=8
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.199.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-199-60.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.newsweek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 12:33:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Nov 2021 22:47:15 GMT
track
trc.pushnami.com/api/push/ Frame 		0
0
track
trc.pushnami.com/api/push/ 		0
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fddc60b2dffc77cdd676277da60c6628f8402f7aef5157d5164f2a3e8b836fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
6070b6ecbb1304001068775e
api.pushnami.com/api/push/icon/id/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.pushnami.com/api/push/icon/id/6070b6ecbb1304001068775e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-114.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.newsweek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 09:20:53 GMT
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age
11582
x-cache
Hit from cloudfront
content-type
image/png
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6880
x-amz-cf-id
AnZ5mt9T2GcWM1V_LCOHa-oLjDkrRJxbArY5L59Ha0EhbwzvypXhwg==
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.newsweek.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
82447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 13:39:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gdpr-wrapper.privacymanager.io
URL
https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Domain
video.newsweek.com
URL
https://video.newsweek.com/transcoder/480hls/2614/crime-by-the-numbers-1632931619.m3u8
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=7652432736333484131
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-nBsut8FE2uHQCtbGE5dmYbdVxvLWfBcg~A~UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Domain
www.newsweek.com
URL
blob:https://www.newsweek.com/48bf50ec-39d2-436d-8b85-013aae4bb387
Domain
www.newsweek.com
URL
blob:https://www.newsweek.com/48bf50ec-39d2-436d-8b85-013aae4bb387
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=E8A3413E-B039-465D-BAAD-4DAC41B05914
Domain
hb.spotim.market
URL
https://hb.spotim.market/geo/
Domain
hb.spotim.market
URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=4020&full_page_url=https%3A%2F%2Fwww.newsweek.com&adid=xsiu2n.mg&vpbv=N006&lifecycle_tte=1188
Domain
hb.spotim.market
URL
https://hb.spotim.market/geo/
Domain
hb.spotim.market
URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=4020&full_page_url=https%3A%2F%2Fwww.newsweek.com&adid=xsiu3m.on&vpbv=N006&lifecycle_tte=1209
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Domain
nodeny.targetspot.com
URL
https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=28113
Domain
trc.pushnami.com
URL
https://trc.pushnami.com/api/push/track
Domain
trc.pushnami.com
URL
https://trc.pushnami.com/api/push/track

Verdicts & Comments Add Verdict or Comment

468 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler number| current_timestamp boolean| mobile_device boolean| bot_engine object| dfpSlots object| dfpEx number| brW number| brH function| LJ function| setCookie function| setCookieHours function| getCookie function| deleteCookie function| getUrlParameters function| checkDataCentre function| NW_DO_READY function| LSYE function| callbackCSS object| doFir object| docReady object| dataLayer function| loadJS function| GCSS object| Drupal object| documentReady function| execFunc function| NW_FUNC function| execDrupal function| multiLJ function| openLogin function| closeLogin function| adjustLoginHeight function| login_success function| LC function| loadCSS object| relList function| JSONsplit function| getGeoCookie function| getCookie2 object| xuaInfo function| LJS function| LJSA boolean| gdpr_eu boolean| gdpr_applies boolean| ccpa_applies number| is_gdpr boolean| ccpa_status string| uspString object| consentPrebid object| geoLabels function| setCookieSecure function| __tcfapi function| parseQuery function| sha256 function| sendToLiveRamp function| PelcroToLiveRamp function| LRScrape function| atsCallback string| referrer function| getUrlParameters2 object| utm_result2 function| TrafficSource string| trsource boolean| isAndroid boolean| highval string| emlhs string| frhp object| connection string| con_type string| brtype boolean| is_wv_android boolean| is_wv_ios string| highval_str number| p number| _sf_startpt number| timerStart number| hb_debug object| pbjs object| googletag function| parseQueryString function| ibtGetCookie function| nwsetCookie function| nw_log function| getBrowser string| site_name string| site_id string| site_domain number| site_ads string| ibtmedia_device boolean| iOS boolean| ipadMac string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot number| numPr number| rf string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| DVPreFilter string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on number| iter function| checkGAcookie number| GAtimeout string| gdpr_video string| npa_consent string| consent_string string| dfp_adunit string| w1200 function| pageRefresh boolean| pb_allbids number| fqv string| ts object| utm_result number| nonPersonalizedAds function| setDfpRefreshKV function| setDfpRefreshKey function| setDfpRefreshKVLazy function| clearDfpRefreshKey function| verification_callback number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| pageFocus object| apstag boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| all_hb_loaded boolean| is_bot number| abt_rand string| abt number| lazy_start number| abt100 number| abpr string| purlen string| fq_ref function| extractHostname string| doc_hostname string| utm_source string| fq_source string| pb_videos object| videoAdUnit object| videoAdUnitiOS object| adUnits object| amzSlotCfg object| adUnitsLazy object| amzSlotCfgLazy object| amzSlotNonU object| PWT object| fqtag function| fq_callback function| ivt_common object| d number| utc_hour string| fl_multi string| disp_floor string| disp_floor_str number| disp_floor_num string| sticky_floor string| sticky_floor_str number| sticky_floor_num string| vid_floor number| vid_floor_openx string| vid_floor_str number| vid_floor_num string| pb_env function| amznVideoAPS function| amznVideoAPS_refresh object| adexl_fpd function| addSpotxParam number| PREBID_TIMEOUT number| PREBID_TIMEOUT_LAZY number| FAILSAFE_TIMEOUT number| pb_auctionDelay number| pb_syncsPerBidder object| pbjsBpParams function| defineDFPSlot function| initAdserver number| hb_timeout_var function| prebidVideoAd_refresh object| fonts object| font number| pos number| current_time undefined| key number| is_prod object| Pelcro boolean| americas function| PelcroUserSubscriptionCheck function| runPlayer object| cmp object| gdprConfiguration object| node undefined| exe boolean| apstagLOADED object| google_tag_manager string| a string| str string| DOMAIN string| SNS_D string| STATS_D string| MAIN_D string| DATA_D string| GRAPHIC_D number| rtid object| browser object| doWLoad number| text_pass number| main_body_pass string| bsettime function| createBookmark function| loadScript number| uuuui function| closeFrame function| get_msg function| sessSync function| signin_page function| login_callback function| logout_callback number| scroll_top_sign function| openSignin function| closeSignin function| _hasPopupBlocker object| scroll_initial function| scroll_active function| doAfterLoad function| isEmpty function| localLogin function| setJsonData function| putJsonData function| work_editor_region function| work_editor boolean| m_moving_on boolean| adjust_height function| m_move_next function| m_move_prev function| poll_result function| get_poll function| active_poll number| slide_started function| check_slide function| begin_slide function| lazyEmbed function| stickyRecommendation function| windowBlack function| closeBlack function| stickyAside function| nw_paywall function| close_paywall object| webAuth number| lastScrollTop2 number| paywallScrollUp function| signup_slide function| run_metering function| $ function| jQuery function| analyticsEvent boolean| gaLoaded boolean| domLoaded object| google_tag_data string| GoogleAnalyticsObject function| ga function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| _sf_async_config object| _cbq object| vttjs function| WebVTT function| videojs number| incognito object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google string| fq_ua2 boolean| saf13 function| refreshInViewSlot object| ibt_cter object| regeneratorRuntime object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| ats function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| o object| ggeac function| DataLayerHelper string| t object| wpJsonpLiverampGdprCmp string| videoad_bid_request object| adslider object| adsliderlv object| seekBar object| closure_lm_8455 object| _cbv object| gascrolldepth object| PublisherCommonId object| __twttrll object| twttr object| __twttr object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| gaplugins object| gaGlobal object| gaData function| sys_callback function| news_counter object| closure_lm_562527 function| fqPixel undefined| google_measure_js_timing object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| __SPOTIM__ object| process string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| webpackChunkads boolean| __OW_STANDALONE_SCRIPT_RUN__ object| __OW_ASYNC_CALL_POST_IDS__ undefined| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ object| currentScript number| __TRINITY_TAG_TIME__ object| TRINITY_PLAYER object| _mgIntExchangeNews object| __OW_AD_OPS_CONFIG__ object| SPOTIM function| __SPOTIM_DISABLE_ADS__ object| webpackChunk_spotim_conversation object| webpackJsonp_spotim_2087778507 object| webpackChunkspotlight object| spotim-analytics-pusher function| owActionQueue function| avPlayer object| storageAni object| __SPOTIM_DEV_STORE__ object| onClickExcludes function| mgReject734388 function| mgLoadAds734388_02d3d function| MarketGidCReject734388 function| MarketGidLoadGoods734388_02d3d function| mgReject735285 function| mgLoadAds735285_02d3d function| MarketGidCReject735285 function| MarketGidLoadGoods735285_02d3d function| mgReject735327 function| mgLoadAds735327_02d3d function| MarketGidCReject735327 function| MarketGidLoadGoods735327_02d3d function| mgReject735330 function| mgLoadAds735330_02d3d function| MarketGidCReject735330 function| MarketGidLoadGoods735330_02d3d function| mgReject764712 function| mgLoadAds764712_02d3d function| MarketGidCReject764712 function| MarketGidLoadGoods764712_02d3d function| mgReject865224 function| mgLoadAds865224_02d3d function| MarketGidCReject865224 function| MarketGidLoadGoods865224_02d3d function| mgReject1088890 function| mgLoadAds1088890_02d3d function| MarketGidCReject1088890 function| MarketGidLoadGoods1088890_02d3d function| mgReject1174081 function| mgLoadAds1174081_02d3d function| MarketGidCReject1174081 function| MarketGidLoadGoods1174081_02d3d object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint412698 string| _mgPvid boolean| _mgPageView412698 function| LoadCriteoAllPlaces764712_02d3d boolean| i.js.loaded boolean| i-noref.js.loaded function| fbq function| _fbq number| pushnamiInterval function| grabPushmamiEmail object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript boolean| _babelPolyfill function| bowser object| mailnami function| CrossStorageClient object| pushnamiStorage function| uuid object| Pushnami

158 Cookies

Domain/Path Name / Value
www.newsweek.com/ Name: has_js
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1WEOM9CJVHXJPE79LMB6HBg1636806824
.newsweek.com/ Name: PHPSESSID
Value: 35262hun5b9od97eese11l5t3u
.newsweek.com/ Name: nwmetering
Value: %5B%7B%22time%22%3A%222021-11%22%2C%22url%22%3A%22https%3A%5C%2F%5C%2Fwww.newsweek.com%5C%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966%22%7D%5D
www.newsweek.com/ Name: gdpr-auditId
Value: 25ad0fe6089c478ca48b8dc3982b10af
.mgid.com/ Name: __cf_bm
Value: A3WZrtBgHSzuVd2JUgfcXzKhCwtrEpxsXTCyflPole8-1636806824-0-AfwoHlJ66ZcOVG+sSCR/5PFbAUcQnyPvdngb5M5xlnJOGZbayuVWePjz5xDU9OAQoCDHV4QM4bOruc+3J2FnKF0=
www.newsweek.com/ Name: _cb_ls
Value: 1
www.newsweek.com/ Name: _cb
Value: Bh6ZGDxyn0bi3ygX
www.newsweek.com/ Name: _chartbeat2
Value: .1636806824108.1636806824108.1.C9HJlNDY_s9wiJf8RhU6KQDG9L_p.1
www.newsweek.com/ Name: _cb_svref
Value: null
.newsweek.com/ Name: _ga
Value: GA1.2.1101406214.1636806824
.newsweek.com/ Name: _gid
Value: GA1.2.496113272.1636806824
.newsweek.com/ Name: _dc_gtm_UA-44450862-1
Value: 1
www.newsweek.com/ Name: geo-location
Value: {"country":"DE","region":"HE"}
www.newsweek.com/ Name: orir
Value:
www.newsweek.com/ Name: _lr_geo_location
Value: DE
.newsweek.com/ Name: cds1
Value: 2021-11-13
.newsweek.com/ Name: cus1
Value: 2021-11-13
.newsweek.com/ Name: cmx1
Value: 2021-11-13
.advertising.com/ Name: APID
Value: UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
.spotxchange.com/ Name: audience
Value: f15a8bf8-447d-11ec-89bf-14f0ef8b0406
.adnxs.com/ Name: uuid2
Value: 7652432736333484131
.newsweek.com/ Name: spotim_visitId
Value: {%22creationDate%22:%222021-11-13T12:33:44.472Z%22%2C%22duration%22:1}
.yahoo.com/ Name: A3
Value: d=AQABBKmwj2ECEGUX2JMtfGZDZXfr8K6UaRIFEgEBAQECkWGZYQAAAAAA_eMAAA&S=AQAAAvHTAWCR1NfTgC01LxlMfTg
www.newsweek.com/ Name: TRINITY_USER_DATA
Value: eyJ1c2VySWRUUyI6MTYzNjgwNjgyNTEzOH0=
www.newsweek.com/ Name: TRINITY_USER_ID
Value: 10531018-3866-43aa-8db6-53be8c16dd4c
.yahoo.com/ Name: APID
Value: UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
.yahoo.com/ Name: APIDTS
Value: 1636806825
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E8A3413E-B039-465D-BAAD-4DAC41B05914
trinitymedia.ai/ Name: AWSALBCORS
Value: NxcbrEI5uGRDU5QRCeC8xrKs/E5eie4P9Z3wRanYiU7PEZPuvyzsxiHEt/StmnLl8yfftOBKEw69tXNo2KMViox7Hehu3mfLur+tyfGD0SMXFwo0yH8frXhofES0
.trinitymedia.ai/ Name: AUID
Value: 10531018-3866-43aa-8db6-53be8c16dd4c
.analytics.yahoo.com/ Name: IDSYNC
Value: "18wk~21ic:18z8~21ic"
.adfarm1.adition.com/ Name: UserID1
Value: 7030031783265892502
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: d337618f-b0a9-4000-804c-2a0da40c5b92
.adform.net/ Name: uid
Value: 6227458662698629402
.simpli.fi/ Name: suid
Value: DC16BD8812594D63B2B9EA6DEEC5A06C
.erne.co/ Name: u
Value: XaiZl4WjbSGlhM0ClR0qXz2x
.de17a.com/ Name: guid2
Value: 1.5023303151511653049
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7030031783265892502
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-XaiZl4WjbSGlhM0ClR0qXz2x
.iprom.net/ Name: UID
Value: 55814649584895
.adsrvr.org/ Name: TDID
Value: df68f151-ab4d-403f-9f99-5ef5e520a685
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5023303151511653049
.pubmatic.com/ Name: KRTBCOOKIE_1277
Value: 23327-55814649584895
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YY_wqQAEOa-dogBR
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YY_wqQAEOa-dogBR&KRTB&22978-YY_wqQAEOa-dogBR&KRTB&23194-YY_wqQAEOa-dogBR&KRTB&23209-YY_wqQAEOa-dogBR
.bidr.io/ Name: bito
Value: AAFKdk7DH2EAACmlG-7c4w
.bidr.io/ Name: bitoIsSecure
Value: ok
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-550987c7-3be2-4f4b-b182-16307aaa3443-003%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUmSmgjrsPY3-iNqza0FoRN4ziHFcVJyxMX_GJFX9IZBcqweOqfJzCMemQaFYBA
.quantserve.com/ Name: mc
Value: 618fb0aa-147ac-41336-8488c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-550987c7-3be2-4f4b-b182-16307aaa3443-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-550987c7-3be2-4f4b-b182-16307aaa3443-003
.onaudience.com/ Name: cookie
Value: f49f0e2abc99925f
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7652432736333484131
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d337618f-b0a9-4000-804c-2a0da40c5b92&KRTB&16736-uid:d337618f-b0a9-4000-804c-2a0da40c5b92&KRTB&23019-uid:d337618f-b0a9-4000-804c-2a0da40c5b92&KRTB&23114-uid:d337618f-b0a9-4000-804c-2a0da40c5b92
.tribalfusion.com/ Name: ANON_ID
Value: aDnseFrwZayaQXwrSQEbQjbfUfgZcWwZdZbsZdnqsuqeD9FBnY54A7HCaobmZdHTEZbnvwqogomM4X1NDYmfYMKBLjt
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6227458662698629402&KRTB&23263-6227458662698629402
.bidswitch.net/ Name: tuuid
Value: aedfd784-7c69-4ba6-a150-35f267800208
.bidswitch.net/ Name: c
Value: 1636806826
.bidswitch.net/ Name: tuuid_lu
Value: 1636806826
.turn.com/ Name: uid
Value: 3878890920847137775
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY&KRTB&22979-p-11sfPsLLa87Xng8L9g46DvfuG85Hnvqb8RXAsY
ads.playground.xyz/ Name: connect.sid
Value: s%3AQRITsRHZTPvU615rDD2bTalIPhAAafSb.f%2B18O8knDBOdWT66yL%2BPlsmgLlKbEoQkN3LEc7UkasY
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELsC0JqqipN6JlWTxLSOEhI&KRTB&16514-CAESELsC0JqqipN6JlWTxLSOEhI&KRTB&23025-CAESELsC0JqqipN6JlWTxLSOEhI
.adsby.bidtheatre.com/ Name: __kuid
Value: 8a041eef-95b8-41a7-8c43-4863e3b33ce0.406020826
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3878890920847137775
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-df68f151-ab4d-403f-9f99-5ef5e520a685&KRTB&22918-df68f151-ab4d-403f-9f99-5ef5e520a685&KRTB&23031-df68f151-ab4d-403f-9f99-5ef5e520a685
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_2daa2267-df23-45b9-8bcc-56333d1b2257
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f4a03b1560606725037a1ef00fd5a29c
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDNJNDBOMjQ1MwBCcyNTA2PzRMPUNAODtBTTRCPLZAYgSOzfsApEQwEARsgKtg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7N%2BwCkhBAQAcMQJL"
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-aedfd784-7c69-4ba6-a150-35f267800208
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "9211cc3ed059bf1acbbcb99efaca1297"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHSyNAwOdk4NcXA1DIpzTAxOSkpOcnSMjUtMTnR0MjSfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F7%252BtZCgDJHCtB"
.aniview.com/ Name: aniC
Value: 1636806827343-918702922763-005943-007-001806
.live.streamtheworld.com/ Name: uuid-s
Value: f7914556-1b99-4301-8bca-4a7ca386e87b
.adtelligent.com/ Name: vmuid
Value: 60606f63075ef7d4
.casalemedia.com/ Name: CMID
Value: YY.wqxjwO3d87n6xxUDOxAAA
.casalemedia.com/ Name: CMPS
Value: 5223
.openx.net/ Name: i
Value: 4d9434b4-b191-0f43-3ea3-89c7233f4fc8|1636806827
.casalemedia.com/ Name: CMPRO
Value: 1173
www.newsweek.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.newsweek.com/ Name: _pubcid
Value: 3c16b188-8114-467a-8d00-5e50b42b8f6e
.aniview.com/ Name: 2_C_55
Value: 7652432736333484131
sync.aniview.com/ Name: 2_C_55
Value: 7652432736333484131
.aniview.com/ Name: 2_C_2
Value: f15a8bf8-447d-11ec-89bf-14f0ef8b0406
sync.aniview.com/ Name: 2_C_2
Value: f15a8bf8-447d-11ec-89bf-14f0ef8b0406
.aniview.com/ Name: 2_C_42
Value: YY.wqxjwO3d87n6xxUDOxAAA&1173
sync.aniview.com/ Name: 2_C_42
Value: YY.wqxjwO3d87n6xxUDOxAAA&1173
.casalemedia.com/ Name: CMST
Value: YY+wq2GPsKwA
.eqads.com/ Name: EQUser
Value: UID=a24a3912-4cf2-4507-8ca7-6bb2e6cccefe
servicer.mgid.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.mgid.com/ Name: muidn
Value: ladM0btP5Rx4
www.newsweek.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C734388%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636806827962%7D%7D
.casalemedia.com/ Name: CMRUM3
Value: 58618fb0ab05a0&f1618fb0ab05a0&27618fb0ab0b40&5a618fb0ab05a0&28618fb0ac2760a24a3912-4cf2-4507-8ca7-6bb2e6cccefe&e6618fb0ab2760&40618fb0ab2760no-consent&2d618fb0ac2760CAESEGpxxnf19RKxZi2WNy82lYM
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiQivDn-6qTOhAFGAEgASgCMgsI8pf2qZKrkzoQBTgBWgdvbW42N2hsYAI.
.creativecdn.com/ Name: u
Value: R3Ih0TYimkeiWqiJQpMi
.creativecdn.com/ Name: ts
Value: 1636806828
.zeotap.com/ Name: zc
Value: 7831591e-1d1f-45dd-655f-f7ea15f58bcb
.e-volution.ai/ Name: v_usr
Value: e9b0a4bf-07d4-4b6e-97a5-235ea77e3758
.lentainform.com/ Name: muidn
Value: ladM0btP5Rx4
.4dex.io/ Name: uids
Value: eyJ1aWRzIjp7ImJpZHN3aXRjaCI6eyJ1aWQiOiJhZWRmZDc4NC03YzY5LTRiYTYtYTE1MC0zNWYyNjc4MDAyMDgiLCJleHBpcmVzIjoiMjAyMi0wMS0xMlQxMjozMzo0OC41OTk2NTIyMDFaIn19LCJiZGF5IjoiMjAyMS0xMS0xM1QxMjozMzo0OC41OTk2MzU3OTFaIn0=
.idealmedia.io/ Name: muidn
Value: ladM0btP5Rx4
.360yield.com/ Name: tuuid
Value: 9b3313a6-e6bf-4ef0-978d-055bd6ef2df0
.360yield.com/ Name: tuuid_lu
Value: 1636806828
.openx.net/ Name: pd
Value: v2|1636806827.1|gu.mWkigqiysLommOgevNnsn0gi
.smartadserver.com/ Name: pid
Value: 2044897065896456539
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156758:3
.pubmatic.com/ Name: DPSync3
Value: 1637971200%3A227_235_201_197_219_221_226%7C1636848000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1637971200%3A231_22_189_238_55_166_71_88_3_234_5_21_99_56_54_81_220_161_165_230_176_7_222_104_13_204_57_8_233%7C1639353600%3A203%7C1637366400%3A15_2_223%7C1637625600%3A63%7C1641945600%3A69%7C1638057600%3A35
.quantserve.com/ Name: d
Value: EKYBEQHbJPijCJiTAA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFKdk7DH2EAACmlG-7c4w
.w55c.net/ Name: wfivefivec
Value: LjRkZnva1MLSe85
.bidswitch.net/ Name: stn
Value: T_I_M
.w55c.net/ Name: matchopenx
Value: 5
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:LjRkZnva1MLSe85
.pubmatic.com/ Name: PugT
Value: 1636806828
.acuityplatform.com/ Name: auid
Value: 622165913475
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAT5GKSIcvphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE+RikiHL6PdGhpcmRQYXJ0eVVzZXJJZGNmNzkxNDU1Ni0xYjk5LTQzMDEtOGJjYS00YTdjYTM4NmU4N2L7+4Z2ZXJzaW9uwvs="
.taboola.com/ Name: t_gid
Value: 74f28eae-bb41-4be8-98ef-2cc8ff2cdf47-tuct889362c
.fiftyt.com/ Name: fifid
Value: 1ad32ad3-53ec-4b0d-6085-ecc2787db8ce
.semasio.net/ Name: SEUNCY
Value: 717837FB88C81728
.rqtrk.eu/ Name: browser_id
Value: 1:f87e083f-1662-41f0-8440-5486e607661a
.mfadsrvr.com/ Name: tuuid
Value: ed3fc32a-1ee4-48c6-b18d-8d0449b3c158
.mfadsrvr.com/ Name: c
Value: 1636806828
.fiftyt.com/ Name: cs
Value: MTYzNjgwNjgyOXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCmTQ5kKTuUg2CngfUQXkUXk7exTA8Oz5yEofuoQCGIb
.fiftyt.com/ Name: fppm
Value: 20211113123349
.live.streamtheworld.com/ Name: idsync-mm-uid-s
Value: d337618f-b0a9-4000-804c-2a0da40c5b92
.live.streamtheworld.com/ Name: idsync-amb-uid-s
Value: 3878890920847137775
.live.streamtheworld.com/ Name: idsync-an-uid-s
Value: 7652432736333484131
.live.streamtheworld.com/ Name: idsync-aw-uid-s
Value: 45010bbee659c47fc5a3cef2f41b7944
.live.streamtheworld.com/ Name: idsync-cto-uid-s
Value: no-consent
.live.streamtheworld.com/ Name: idsync-acu-uid-s
Value: 622165913475
.mfadsrvr.com/ Name: tuuid_lu
Value: 1636806829
.mfadsrvr.com/ Name: ssh
Value: !mgid,1636806829
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ebde24c6cb1cd9cc
cm.mgid.com/ Name: mg_sync
Value: {"287839":1636806829,"433145":1636806828,"665953":1636806828}
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4a8f985c-817b-45bd-6e01-b26d2965ed50.wvtOsXyKp%2FkYDun%2B3yKApCO60mUGQbfLlH40V585K5s
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-4a8f985c-817b-45bd-6e01-b26d2965ed50%24ip%2491.199.118.72.5owTKuwQj6qv3T3ccve6CwydV%2Fuhl7pekaiamtkYcRc
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-So-YXIF7Rb1uAbJtKWXtUFvHdkg
.ipredictive.com/ Name: cu
Value: f3c3aacb-447d-11ec-9781-7194727bb9b2|1636806829293
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-f3c3aacb-447d-11ec-9781-7194727bb9b2&KRTB&23011-f3c3aacb-447d-11ec-9781-7194727bb9b2
.audrte.com/ Name: arcki2
Value: a57URuQ-jTjR9mFl9n04hATOQ!20210804!1636806829360
.newsweek.com/ Name: _fbp
Value: fb.1.1636806829168.1666186972
.live.streamtheworld.com/ Name: idsync-dbm-uid-s
Value: CAESECu_9824IzXmMKCNnw5Fd60
.live.streamtheworld.com/ Name: idsync-dbm-profile-s
Value: false
www.newsweek.com/ Name: X-UA-Info
Value: country|DE|state|HE|city|Frankfurt am Main|latitude|50.118800|longitude|8.684300|isp|Clouvider Limited|ip|91.199.118.72|device|desktop|time|1636806830
.pubmatic.com/ Name: SPugT
Value: 1636806829

30 Console Messages

Source Level URL
Text
javascript warning URL: https://d275im4r3zngba.cloudfront.net/script.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to fetch at 'https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json' from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://gdpr-wrapper.privacymanager.io/gdpr/ebf8af42-55bb-4edc-9b43-17427be9d524/vendor-list.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.spotim.market/csync/?t=a&ep=301276&extuid=f15a8bf8-447d-11ec-89bf-14f0ef8b0406
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.spotim.market/csync?t=a&ep=271858&extuid=7652432736333484131
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: blob:https://www.newsweek.com/48bf50ec-39d2-436d-8b85-013aae4bb387
Message:
Failed to load resource: net::ERR_FILE_NOT_FOUND
network error URL: blob:https://www.newsweek.com/48bf50ec-39d2-436d-8b85-013aae4bb387
Message:
Failed to load resource: net::ERR_FILE_NOT_FOUND
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-nBsut8FE2uHQCtbGE5dmYbdVxvLWfBcg~A~UPf157655a-447d-11ec-8f6a-02b4e0b7a90e
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827307&vwd=400&vht=300') from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253') from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1' (redirected from 'https://spot-im-d.openx.net/v/1.0/av?auid=545647370&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253') from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjI1N2Q4MjctZDE2MS02ZTEwLTcxOTUtMWI5NjhkZmFiMjU1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://spot-im-d.openx.net/v/1.0/av?auid=545647353&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253') from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://spot-im-d.openx.net/v/1.0/av?auid=545638986&url=https%3A%2F%2Fwww.newsweek.com%2Ffbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966&cb=6806827328&vwd=310&vht=253') from origin 'https://www.newsweek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=28113
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
other error URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript warning URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
The resource https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
The resource https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.newsweek.com/fbi-email-system-reportedly-hacked-fake-dhs-cyberattack-messages-1648966
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
api-2-0.spot.im
api.pushnami.com
ats.rlcdn.com
aud.pubmatic.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c.mgid.com
c1.adform.net
cdn.fqtag.com
cdn.mgid.com
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cmod.live.streamtheworld.com
cmp-consent-tool.privacymanager.io
connect.facebook.net
core.iprom.net
creativecdn.com
csync.loopme.me
d.newsweek.com
d275im4r3zngba.cloudfront.net
d5p.de17a.com
delivery-cdn-cf.adswizz.com
depart.trinitymedia.ai
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
events-collector.spot.im
fonts.googleapis.com
fonts.gstatic.com
fqtag.com
g.newsweek.com
gc.newsweek.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
ghb.adtelligent.com
go1.aniview.com
green.erne.co
gu.dyntrk.com
hb.spotim.market
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.spot.im
imasdk.googleapis.com
js-sec.indexww.com
jsc.mgid.com
launcher.spot.im
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
metrics-logger.spot.im
mp.4dex.io
mwzeom.zeotap.com
myaccount.newsweek.com
nodeny.targetspot.com
odr.mookie1.com
p.getadcdn.com
p.safeservingcdn.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
pix.spot.im
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
playerservices.live.streamtheworld.com
pm.w55c.net
pr-bh.ybp.yahoo.com
psp.pushnami.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
query.fqtag.com
recirculation.spot.im
recommendationengine.googleapis.com
rtb-usw.mfadsrvr.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rumcdn.geoedge.be
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2s.aniview.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spot-im-d.openx.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.chartbeat.com
stats.g.doubleclick.net
stats.newsweek.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.crwdcntrl.net
sync.e-volution.ai
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
token.rubiconproject.com
track1.aniview.com
trc.pushnami.com
trc.taboola.com
trinitymedia.ai
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vd.trinitymedia.ai
vendors.privacymanager.io
vid.pubmatic.com
video.newsweek.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newsweek.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
cm.g.doubleclick.net
gdpr-wrapper.privacymanager.io
hb.spotim.market
nodeny.targetspot.com
sync.adtelligent.com
sync.spotim.market
trc.pushnami.com
video.newsweek.com
www.newsweek.com
104.109.78.125
104.111.219.144
104.16.199.73
104.19.132.78
104.19.133.78
104.19.217.61
104.244.42.200
107.23.223.65
108.128.238.12
109.206.161.21
13.224.186.114
13.224.186.129
13.224.186.42
13.224.186.53
13.224.186.84
13.224.198.4
13.225.78.101
13.225.78.129
13.225.78.18
142.250.185.130
142.250.186.98
15.197.193.217
151.101.1.44
151.101.66.49
151.139.128.11
154.59.122.79
159.65.197.210
162.55.6.210
169.197.150.8
169.50.137.184
178.250.2.151
18.196.197.61
18.197.219.57
18.207.50.145
18.233.199.60
184.31.84.150
185.184.8.65
185.29.132.241
185.33.221.15
185.33.221.89
185.64.189.110
185.64.189.111
185.64.189.112
185.64.189.229
185.64.190.78
185.86.137.107
185.94.180.124
185.94.180.126
192.132.33.46
192.173.28.145
195.5.165.20
198.148.27.140
198.47.127.20
2.16.186.10
2.16.186.18
2.16.186.19
2.16.186.34
2.16.186.9
2.18.233.180
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
205.185.216.10
208.80.55.87
208.92.55.233
209.54.180.3
209.58.175.20
213.155.156.169
213.174.135.1
213.174.135.2
213.19.147.44
216.52.31.73
23.23.108.37
2600:9000:20eb:1e00:18:1fcd:34f:cdc1
2600:9000:20eb:4200:11:2a6a:9480:93a1
2600:9000:20eb:5200:1b:d3ea:d40:93a1
2600:9000:20eb:6e00:8:bd4:5580:21
2600:9000:21f3:1800:16:f82a:8600:93a1
2600:9000:21f3:f000:4:b37b:9440:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700:20::ac43:4a81
2606:4700::6810:135e
2606:4700::6812:272
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba28
2a02:fa8:8806:12::1400
2a02:fa8:8806:16::1460
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
2a06:8640:476:0:ec4:7aff:fe7e:de5e
3.126.56.137
3.226.53.204
3.227.93.166
34.102.253.54
34.206.115.172
34.237.48.88
34.239.242.184
34.248.112.127
34.254.143.235
34.254.143.3
34.95.69.49
34.98.64.218
34.98.67.61
35.186.195.222
35.186.253.211
35.190.36.172
35.190.72.161
35.201.96.126
35.212.212.222
35.244.174.68
37.157.5.142
38.27.122.101
51.178.20.140
51.79.83.225
52.4.236.19
52.45.237.203
52.49.53.128
52.57.216.146
52.59.79.223
54.159.124.237
54.194.226.253
54.236.81.149
54.243.44.20
54.246.208.198
54.36.172.109
54.81.207.173
66.155.71.25
69.173.144.139
77.243.60.138
85.114.159.118
87.98.242.60
99.83.219.100
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
013461d432d37185d5ccd23051ec3c2ef851ea19824b7b40b20859b15553fed2
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
017aa4f558f70fdc652bef9b0aba526204045ff2b4522fd983af3b4aa21fe7a9
01a6652ff92be63a01941aedd79bc71a497d0f2a517811b0edaa119930ebfbee
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01bfbebcf7a916d8709096744dfd6c21d256f9d17f12ebca3cb172c669614b17
033f11d1ea409362f54133ff86a417a137a87b24caf87160fd6ddf162ac17fb3
058a98c46e5b15ed2c067641fe8cc79cc167a3c1aa024247d3675135a70392a9
059ea9b739e16391a95f05e514efef0402980411e86d4ab735f26552773ba4aa
06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc
069201005cb27ac9084cff346dfe72d1a12ec3b431cf9c0b62c7b5c503db762e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a0e98533e70960f740a5218c2e601aaa3ad0fa9f4238ef1f64f583727624677
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93c76e862c4698e9f493b9154680494cb2b736e5c5f0ee9f57f72422d2e140
0ca469ed8abd3e3e56ff48a67c98bfe747cc3b3d8ad1ab545f39865eb626e4c7
0d3c9be24dd2755dc74b547b2c7799f3a754c3b602be048af1b94dfb12a19b5e
0e053801f5ad997ee119aa361de6af141f95d529dda51ffd9881efd7a28e0160
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1102c1d55879469a1f0ca47d2626beaf313e2df7e39523f0ad688956fc1b5cae
11fad5790dad6ad4d5b6caec0674c9a6ea62220e5ffdc30a4cb90ea927416dee
156b3c84cd11fe2645859daf3f77742bb030a7c59d6e869406a94e50eab75ffc
167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d
16c79c55434a5e900ee21a4fe22011d460398bbc7e9dce025a6a8a0e462c0657
16ca60073befb1da5df5c00892f6d2f68dad90be6738036064559dc51bce01c3
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17cacfdab3acb52f70136941db9ed504dd974da5158b4363e3f8e1d69e97aaeb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a676d8b55b92e6d83f4d333671c02e89b9558db94dd82a59187d05f5d1ed21
18bcde0edaa7d961a524aa1759d884d0ffcf11de78a5d0200fc42127a7ef8fcd
1b47d716e32c592a42fa54a2ddfd7654e63a0600bfe206d57524cc64f7e92061
1c04e29b5adf55e84c5d3703381232577ef4e47400762f5d460de49312f3691f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d656a62d00379daf3bbc8d0f465cd1a4dd061289996f2e3b39d6f55abd21f8b
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca
21778a3a131fbbf7366d7f69a3a8d97df1f7c7a186268cf20962468daeed07ae
21ab438e5eea8e502cab483479b9b921cd30e6026d1382cda33690490d955113
2231cc2675089160d0dc3639efe8205cca08f8cced8ab45178afcfb3bfc8df27
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23bc2e4266f918f69d9626f506a2ce0fa33cc3b56bad3d74f6882500c31f8f56
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
25e3d8a882cb6c23fb986f3e2d5a4c4a09807a7a23a81416b2c4b016a68e3d0a
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2999d371b9a26f0b9586afa9b7f01395b6bfc8264da8bee02b8e001b33b806e5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b47d953a354f4b5c05ba19a91bd4b631aa6c5f530cab2e6807070ab67d189ed
2c33e1379a8c126e1a41ded8a3a513ffc5da1f2ca8b3f21313f29345d022bd39
2dec0d4cc4bf29ce5d5e170ff7415ef8b71f1badbfc84b79b676d31794cc7c24
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6de84703323876264451abd8cc5efb3c186692e6ca8d0064b49cd1e4943360
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
2f61970ee82fc1a77de3e31b33dac2f1f051d18c90ac175874f3fb738cc788c3
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
325c12c0b93d44d2d741a4f516f478e8160151c3d5adcdf6fdd9af7d594f1ca0
32bd128f9959f9814ed0ffde4a48e3f72d552efa0619675d3c26fa8d8625d30b
32d33d25df6d8dcf31a0373c5d302f9de5d6043c391c546cec40f5911a9936ea
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035
34f8effad515000aac7e68be60523f14650a6d8c1f7acfd643da94526d3506f2
363cf7df688ddbc910a6522f1b2071b36facef761aef0d583d23f29b8b9ba9b5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3823487585822362741e3a820aee8d41f4e0bf7a01a216543a3945f272c54f92
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
39f0996445cb4715ed149e1f3ca16835f41d8d012213516af2ea4708c4212137
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
3e239468b064b2f80965cf9fb04ebfad8c892c9b559a86f9da1723b705ef1b8b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8a34538bbe9a958252846b40f70aa526eb00428dd94e0d0059d5fa38929748
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b
41740d49b8d1af86946eba82010374d6d774f6b2332531e6c2b82eb70aba2827
42601741abf2ab05ec7cfff4ea5e183479d689e7f611dcc4c7f2a625cf7d8ff0
471963b669d576ba53390b27f5f0bf67e4b119d2eb87b5f0611e6328a5361a83
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49c39bb14d7039f01f8daa925b12cf8b53877f6bb2fc36148e56ae69c7f964d5
4b988e62ec61489c76175d29a0349c313bd374cb5a9020e892db92c5964549f8
4c4d99f60e72cfe57207498be562bb5f7d086f9d7f21a889bc954b120c67bfe5
4c55439b5c46b610a8ad182c0189e0fb9041e76258e672b2c0c380467056991f
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e
4dc82571bd8e2f29babe66f7eac465bef3e005d74e1956fc2175faa775d9f131
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e823ffccdf09dea9aa2abe62b166958c8b9ac16a593dc0c924c82400b5b2a1b
4e9fb77522b8c03b36b0df30b4d795dcea3dae457825f7dbedf58d427410b64e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6c6accb7e542c3bc48d84d4ec2d1360bd96825956d858f6fc7095776b1d1b2
50615719936bc35316757bcb02395fefab2566e58d24573a1008ec133726b1b0
5155b7bbe62d813abcdb182e907ea44f88451b8539fdc934e25365aaf3e7f536
527868c770ef179e8346dd82e084d21799a65be6ccc7514969d66656bd68503b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
56163a085edb7b1777d2ffeb32b0be2b0ca68f487aae3146052f691c236f5be8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5658d2e96e8b574fe84cdba7fb5344fe8ec4f9624403ee24685929a8f91ce52b
57358efdf2dc46cb220a3cbb45c8e914b7eda53673a69adaa2a47a77edeff562
575d0cf263d704e24f5096cea99f9e9668833c419170835d030eb224684ddbb1
57a1ce6a464cb160f6e924508226a255713ef8684ba52bc1ff781cf6da0d5835
57efbb0de169a960d70a6348eaa28d134ffbe8aa5846c7b4879990406e953d60
58410c9fac9040eca4c9f578eac2bea0b9b568369e3ceb70c77f74b05cb2741a
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
58baccb67ad903c46490adfc5aa6f2b33b749f10c1a381eb330d0f542a1811f4
5904016c445d3f031376908baac63628cf95eff16fc97768da303004d5e59774
5ca45975608533f61111071d56e2e6b1ca951a252d12307f78af38886a7c4220
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d998b8247e9380e64a822d26af8a738bc76edf381626cb64e45c4358f7825fc
5dfeee7676263de8026ea0bb14db900bfac35d3bbd3be2f769241260b595c19c
60fbd8d9e0fa95c1cfc90c9e436194063c8beb11205ea10964c849b0e1aee383
6117833ed26e2daea398326243a821955e5d8c6bc9aec8e213c0d4d5d5faf426
6120f0aad9f193337754eb88657ba07ff36b316c6d1b152095ae1340c89a646f
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61687d59dd436dab580ea9e5b0b4f39514976ec7cbc3bde85633654876e67c99
62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a
6511c6b15d4c448c995938d19365a23d09870535e0f07ad19df1a23dbfdbfb46
669cc72874b0a8266004f98a8d435e1acce502e8eb9d1c5eba43263d36538d2c
674a4590b8869ced7d06de23dd01dccd5d5bd62eff778c25f9b9a4fafad579a6
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c
687d152ab8d45cbb766fb71b9c0fd9d14c9f19fdbb0fa250b8663f2a0ff726b2
698fd87ecc735206c818d5a9459f045f62ce92ac90575993130389cb3461fdf2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0e61208b6c7d8d00c555f2600fca6b806bec63dd35ee0344d523ba1dec999d
6bc1b2c36134d2a98237a5f4047459471de285d2a015bfc41cb418bc85d919ae
6f36e6ca9d7ccb6cacb5abf948ba9dacddba3e72fc9637a85f1c6b0d1fe8db4b
6ff1325c954b63a9f066a9e13d6d23da5f4de5e50f9dd6b9798fcd95a98510d9
706140393e998e0f826da74293261c79caa5cee0100f4ab00312d3ab7267d199
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74082cd506834dcc8ee94dce64115b61b413e00d4c9cdee32c0dcef1cf0b1ac1
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7496e3f039bb97b38366c0800e71741c453757251648851ffd7a0cc5eab6fd57
75ca257d1c507b5f0f5648b26c6087ba0e2b20574c690c0b3797587729447e41
783355953bbe7e1f4e9c05108a4c07199a3b0c9b291cbebfcc4b5583ac4b2143
7834d77e08448c1971e67f0b3e0f1d9ae277579721183dbc8542fe29660427cb
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7d58d26c2f2e3df3af60c9f42d614d56cce81b84e956347a167242dbf645edf8
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8094694b3b51e98a5e38b919288c8952a4bdfff35966b53b9c5c3a37ee98dbef
81b32228173740d4c383980b671afc90e386a45e14c5959f8379e49b3b6dd73c
8208435e623bb148f9a5b3e6a0759e7aea6138cde3d0a69a4257f71a0e9e20e6
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84142a73a37299b33f343e84b14e1803e7bd3f37445e694b3b7ed3d444c498bf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8605c3013493000cbca3c3826e22da03c8c1c64a5380bfa6682b3a41dc099b1e
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
894eb967c30bf1def47148fb71f3635a7e856cad4c3c8800cfcd21cc088ad088
8961431d93a9024ccb6d08a572aef6c75500f5edcfdab57ed669a0c1da9a839c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b56a849804016eed9d3431f2f1c5cffe2d8423648584a867d9f31e0084d2a93
8ba249758db15548c8cd6bc042aff04deaefda56e7feab1781c3dcfcd2258e03
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dac2b2835fbb8662ea0e40961db6a2619f842405b9b3e2863daead031cc7484
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8e9b56f27a9f53628247a4a86a74d9d6a087e6eead1480b556a5cd7517f42d61
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
906757966bd332f90e4d66a8333d21b7e1b2d38a9590a56cbc64bbed859e5e8b
90d12e4fe02622058f8601a9907aedb266e0a16d613d24122c6ddef19281369f
9187af1b7e5239651f452112d72bc8e8a07ece15187d6b2c0eb2c928cfc014d5
91bcd62b2aa20763962ef09ce1faa047971fe07e50f54dd4d1e23349e98d06e3
934f132ea4578f772694fb00a088656a0d8f4e7a0bf7333a38459a1e35a90b89
94836ee52d2c5c54de49ccb8cc02c9d9c86d9b1a3e59689b2a61ed925f8131ea
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
963d91c9c0ec60abf54cf2933043d49778185495c96a4fd5994d01a2e1395def
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
987cc943a7fde397c9f07e3185118c77aca5d1837a57c1e6b17542a33cb2f974
98ada2f20ace30c628f3e5c2aeae635372ad2687dc9824a7c81b04a3375e1c22
998e1202c2e488520a53e1d57ca8727b4949a877a7859b792b2e09c24478d91e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f1737b5914cb07c544213ac0e8ffd654bb155bf68d08a7de2d8cf5f75af7c8
9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e
9a7d43fb69c7d6aa3963384c2e2c75b4effa00916db86c0d5f155896243d3ed9
9b143f93af30376885fd8fe5a3d6dbe0518ba634eab0434d14b89058c3fe9722
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9e55c77140a9e6f5e45ef8424133dc9c61876b48f9d9add51c00b5181a125cc3
9f756f9c70557d9d5b982f5e8dd3c154d4fff03346b5ef5a6546e151ff27a400
9fbfca6b909c040e978a7c8e8471531e2c03e4af349c02263586dca5f1102fab
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b51ba25024fedcd9074066b464ec2dd88d655aa7d0821046ec3cc91dbc082a
a14a285ec68902299fcfba7158800035f7bc7378a1dcfa54c6b63da58fed5e25
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a357a10d4e6778d96c6b21831b6a7b7340234fe074f43a1ed4c1419983f0a825
a413824c1742577f86205bbf9affe15a3296667a9dfeee0e7e3d018a7b36729f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a79015554b61637f26c57bf9d96b036476986c06e4ea69722bbfc1abdb9ea63f
a86fae43a94ac408aab297fba5dff884ac532d1a7ad7264d5243dbc92ba6a154
a9ae481dbf919991dab73fd3aeb7534daf1bcfcb2e5ee195ce9e3e07ea97b8e9
a9fc35546d0197d065fb59e93ddd9d915fe05f7f96ba9131bed87672aa8a50e6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693
abc6afbabc154a546a8e41368dcc5d9cc0047f7349218961be8204ab23a1a874
ac2bffc7500e6182a046a8c5f102eaa431ebe8574c63902360a430e3dfdc8971
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b0110b50fad062a88efcd31a58682cbda18141baef55c5967418db23117b0103
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14eb182ca495ec7c5087d39c6ed180ac8cb5bf488549cf82f152435c394d161
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3608c1e25f786e7fa295bde2152b045f2d08ae42ae1499b5a3f1e9839c0381d
b366ebedd73e588b51286728e2dc0e0037db6cc3e557d6f4a7ad604beae2fbcb
b4199385e38e1ef411e9dc7826935fd872a5f84b49089932493ae6b46747a001
b47e5237075b356e0f05ca40422cb2a28ddcc3a57e831c816b159f53f31d8d1c
b4b39ca5355ac1188ff4b7173a58a6698db34cb297a79f8f3404ede010c58d3b
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3
bbdf803fc830c5f59f05e87c0fe242f839afd9a51abbd465147e9b9aefdfb131
bc239d6547dbb8200bc536bb57c6021eb12d93eb8c8ec785059534cd71f1da2f
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156
c1a6a7f8f7f3378698e33d49b1204c360f32644c8f9ecb0e554845dd1c0c2f18
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c41d80f7eb1b900d4e59c23708a2ed8b8b7d8d4a32085109872067ede671e7a0
c4288ea598515bb42c621803902b970fa13ef30493867e8754f3732c56835b19
c6193d59408bbccb28c14923312541fc683c94a3611f43af8ecaa780cbdde408
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c66da0325b852265a9c4d09067e8bb85dad6b8081953fd376b76202ec16c22cd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c829f9d67ab7851c5ce62820191525d4581aa26bc0a18f6cba0b5af2c7912dd6
c923bebc2c4f932a1f26f7d1bfa199c71b4c463401139e8d413bd8960665c9ea
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9bd241ee0c6d7556411a40fddfae7370f30035ef21360520f3270f2f07d20cf
c9c5d42cd8dd7b93b1013d69255aaaeb2d49dc4119e2170cc39bc2a0d72155d2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca41b626b0c40af7a0adedbf4119a770f01d932eb6681f5105a3aa3ff3966e17
cb18fedde6067b1eec1601267e3cc897d5f21c505a3ae753d184b7d866cb08f0
cbd7d2963b7d091247c61dfa94f627713cbad438d0f017f25ebd1c173d0c7d1e
cc3f6a45f20912b138b665ab775ff489de6fdb2f1773596b7bc05599e8dd5640
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
ceea53e44ec565f4238f76684d3c16fe2c0806d7d0208678105d6f64320b8e56
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b91cfabaf7ba140533e3b22fd06288a149501e26daa1a4811ebf0c4874c984
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30195845ddfb57ef40a6030a04efbb6dce498de3f5b3edd55d6954ddb90a920
d5b4ef7b6d923614cc4dd27570e7f95c8df504dea5af1d3ddcc775e45b0ba4da
d63021a7579cb254773c59528d0fe1a2fce50b85b40f60eeeff867fab4f5fb2d
d64f5a6026be5ebd4c55a874964e4c3f25afc298ac5a339b1dd8953a02609928
d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f
d9c2502c20756ad4e93fa04c37dfd7e8e11fa44cb2fd32f33231d496b8cb493d
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd68965e8c0fcdaa2d8981f06470677ed0bcef645e55830ad135654e2af02059
de05b8db19b9e3d5e77196d517f5be875ab0a91d7eb005bfd6ef5fb9f500d933
de8136fc9494cfa72d1b998dc1b50384d8544609650b479734b26f9beafbaaed
deeb560572ebd9bba091a7b32f4045935e7c1fb483c1c5741a2e9393dc9d70a0
e06fc339d38567b64374e674ffc323b3716ed66dbc81388608f36fffe3e6fb3e
e0f07a16dd57415ba9b70ac1e804ddca8cdab57b1f83d58975ad92fc032cd821
e14bf3b2258b56e6788da675f193addb19321144269e7edc3116564a11491543
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400ca183538fec825251c3f0a11ab0b88011a58fa5de1d5775f7a279b445300
e4cf1c133b96419d7116640c9850740280ad5aed7e54b9749f7bb3211d6be4f7
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
e81d765fd9d13b7e471dd6c2fab410a3d2e375906cb2b23940b26fe5336640bc
eb2574d70d5f0772a1db3af3aa2c6e35e9bdff473091d125459bc55bf6c71b7f
ec7b0920edd587ab28f87f8dd09eb315b23c6253922f8a88f01811e09fc4cf45
ec81f7c2ee2dc189ce37face320d6d51c40b07327967ffa515e560fa91ccbffe
ed0644373b45c3887aac91458f0eb0ce20ecf6af81415572406e3e62583b80f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f299cc209b42386e835e582ab9df70812b17ca95bf1c403d955f612f4040d448
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38
f4951af9b05287d59d886f60e84cd4b31f27b413bda703594642a2feb54c3561
f66c97d684875155618cb73deeea36588d952857e96eb1d9a28ae672a3cce7f3
f683d45e98691b2f1a91ee5a3c537bfe66be72d969348f0c80b346086e244dad
f68fb30cc89ecba117cf0a8c36d1715f779236fb616d5e2f6a8c6eaa1ee6cf3e
f695bd419cc1cc4959996d1441e57fb34dc4da7c4dd369d088fc9ed320069066
f74966512f04924db3b8316e29302c21659f974c9c6fe9e3a553db2f51d8a700
f7bf4fbf497360e80618e2be266274d02a15d555c93202e27076e5772d2eb7fc
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c
f824a26c7f61a78c7a831152c65e7e3f84805603113dfc5c6b5ab60c19c18c76
f8a4185d9d4367b48bb922a20cd461d72aeb180bdc5a1faf8cc3048f5b38e1cd
f94758f9d00a8640b643eb789a3718b8df478369c290c541f92923bc59b4f70e
f95c199571050efd8f5e76fbe151a162750f1550c4e4753097e9bc8dc45fa9d8
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9
fc6686761d3664feb55c6717335a43fcc4f9546505e3c1fd2d5c8bdb807b3b24
fddc60b2dffc77cdd676277da60c6628f8402f7aef5157d5164f2a3e8b836fab
fe54b5127cc6707048a0042f4477cd02d27edd5e08690a3ad70ac63ec6d3af66
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c
ff86910919f2816d04d7ae0cae0b28182b27974843c07650de4215edbb50e435