fivethirtyeight.com Open in urlscan Pro
192.0.66.240 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Submission: On November 09 via manual (November 9th 2022, 8:06:28 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 57 HTTP transactions. The main IP is 192.0.66.240, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is fivethirtyeight.com. The Cisco Umbrella rank of the primary domain is 41274.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.

This is the only time fivethirtyeight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	192.0.66.240 192.0.66.240	2635 (AUTOMATTIC) (AUTOMATTIC)
12	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.20.196 2.21.20.196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1498	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:218... 2600:9000:2182:5a00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.242.111.67 34.242.111.67	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:aa00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	34.197.79.82 34.197.79.82	14618 (AMAZON-AES) (AMAZON-AES)
2	52.49.142.208 52.49.142.208	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:d200:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	34.250.94.91 34.250.94.91	16509 (AMAZON-02) (AMAZON-02)
57	24

6 192.0.66.240 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

fivethirtyeight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

dcf.espn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.196 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-196.deploy.static.akamaitechnologies.com

cdn.espn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1498 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.espn.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:5a00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.111.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

disney.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:aa00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.79.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-79-82.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.142.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-142-208.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:d200:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

sw88.go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.94.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-94-91.eu-west-1.compute.amazonaws.com

global.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	espn.com dcf.espn.com — Cisco Umbrella Rank: 2965 cdn.espn.com — Cisco Umbrella Rank: 3333	232 KB
8	googlesyndication.com 203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	42 KB
7	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2094 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2118 2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com global.imrworldwide.com — Cisco Umbrella Rank: 7834	68 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	126 KB
6	fivethirtyeight.com fivethirtyeight.com — Cisco Umbrella Rank: 41274	125 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 207	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264	131 KB
3	go.com assets.espn.go.com — Cisco Umbrella Rank: 63045 sw88.go.com — Cisco Umbrella Rank: 22017	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 404	620 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 750	14 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5594	792 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1349	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1610	24 KB
1	demdex.net disney.demdex.net — Cisco Umbrella Rank: 9507	835 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	27 KB
57	16

	Domain	Requested by
12	dcf.espn.com	fivethirtyeight.com dcf.espn.com
6	cdn.cookielaw.org	dcf.espn.com
6	fivethirtyeight.com	fivethirtyeight.com
4	pagead2.googlesyndication.com	dcf.espn.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	dcf.espn.com
3	sb.scorecardresearch.com	1 redirects fivethirtyeight.com
3	cdn-gl.imrworldwide.com	dcf.espn.com
3	securepubads.g.doubleclick.net	dcf.espn.com
2	sw88.go.com	dcf.espn.com
2	secure-dcr.imrworldwide.com	fivethirtyeight.com
1	global.imrworldwide.com
1	www.google.com	dcf.espn.com
1	bam.nr-data.net	dcf.espn.com
1	js-agent.newrelic.com	dcf.espn.com
1	203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com	dcf.espn.com
1	adservice.google.com	dcf.espn.com
1	adservice.google.de	dcf.espn.com
1	2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com	fivethirtyeight.com
1	ping.chartbeat.net	fivethirtyeight.com
1	static.chartbeat.com	dcf.espn.com
1	disney.demdex.net	dcf.espn.com
1	www.googletagservices.com	dcf.espn.com
1	assets.espn.go.com	dcf.espn.com
1	cdn.espn.com	dcf.espn.com
57	24

This site contains links to these domains. Also see Links.

Domain
privacy.thewaltdisneycompany.com
www.iabprivacy.com
www.onetrust.com

Subject Issuer	Validity	Valid
fivethirtyeight.com R3	`2022-09-23` - `2022-12-22`	3 months	crt.sh
dcf.espn.com Entrust Certification Authority - L1K	`2022-05-19` - `2023-06-18`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
assets.espncdn.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
a.espncdn.com Entrust Certification Authority - L1K	`2022-08-30` - `2023-09-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
sw88.go.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Frame ID: D8FE3B39E61CC7EBA5089FEAC3CE2909
Requests: 48 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 1ED8ADD11D7BD3343F04C66692F43CB5
Requests: 3 HTTP requests in this frame

Frame: https://203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 4E99DCE9423807B961A07817625DADB9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46706C852F071292D10543E00978731E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA7858A457239D2CE9B02EEFBD0EA09B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DTCI | Iframe Ad | InContent2022 Election: Live Analysis and Results | FiveThirtyEightBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

57
Requests

98 %
HTTPS

54 %
IPv6

16
Domains

24
Subdomains

24
IPs

4
Countries

797 kB
Transfer

2534 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://privacy.thewaltdisneycompany.com/en/current-privacy-policy/your-california-privacy-rights/
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.iabprivacy.com/optout.html
Title: link

Search URL Search Domain Scan URL

URL: https://privacy.thewaltdisneycompany.com/en/dnsmi/
Title: Do Not Sell My Personal Information Rights

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://sb.scorecardresearch.com/cs/3000032/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/ 20 KB
7 KB 75ms
21ms Document
text/html 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

12166847e4e48419105f819fabb39186195cc4c0abc0215aefe04c25df98944f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 905
cache-control: max-age=1800
content-encoding: gzip
content-length: 7204
content-type: text/html; charset=UTF-8
date: Wed, 09 Nov 2022 08:06:22 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://fivethirtyeight.com/wp-json/>; rel="https://api.w.org/" <https://fivethirtyeight.com/wp-json/wp/v2/fte_liveblog/347800>; rel="alternate"; type="application/json" <https://53eig.ht/3WRYYYG>; rel=shortlink
server: nginx
strict-transport-security: max-age=63072000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: hit
x-frame-options: SAMEORIGIN
x-rq: ams7 0 4 9980

GET
H2 200 Bootstrap.js Show response
dcf.espn.com/TWDC-DTCI/prod/ 444 KB
90 KB 93ms
30ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c8323ab7c99cab01c47ec37f798a8b7ca18b8067d40efa0f2fd74613e0c6a428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: IcP3hLGfWIFlZicExevkA.60G12X1YW1
content-encoding: br
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 398683
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 04 Nov 2022 17:20:13 GMT
server: nginx
etag: W/"0153ed96e47215650c033b52570a8bc0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: VRnP3Dmxtphwa6tVU9DM1DSNp1drbk1o2k4CC5U91Gg7G_x--sXP2A==

GET
H2 200 AtlasGrotesk-Bold-Web.woff2
fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/ 46 KB
46 KB 22ms
21ms Font
font/woff2 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/AtlasGrotesk-Bold-Web.woff2

Requested by

Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8af09e8c9c3b34c1b55ab10e800f88c2de79389ab79c2605f7d8cdc5f6b5bac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Referer: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Origin: https://fivethirtyeight.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;includeSubdomains;preload
age: 275
x-cache: hit
content-length: 46793
x-rq: ams7 0 4 9980
last-modified: Tue, 08 Nov 2022 22:00:57 GMT
server: nginx
etag: W/"636ad199-b6a8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 08:06:23 GMT

GET
H2 200 AtlasGrotesk-Regular-Web.woff2
fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/ 42 KB
42 KB 46ms
45ms Font
font/woff2 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/AtlasGrotesk-Regular-Web.woff2

Requested by

Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

756b57b9506e55450d6acae335bbfbcde42bd368ad6f4739c7e808152ef6fb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Referer: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Origin: https://fivethirtyeight.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;includeSubdomains;preload
age: 246
x-cache: hit
content-length: 43247
x-rq: ams7 0 4 9980
last-modified: Tue, 08 Nov 2022 22:00:57 GMT
server: nginx
etag: W/"636ad199-a8e0"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 08:06:23 GMT

GET
H2 200 decimamonopro-webfont.woff2
fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/ 21 KB
21 KB 45ms
44ms Font
font/woff2 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/wp-content/themes/espn-fivethirtyeight/dist/fonts/decimamonopro-webfont.woff2

Requested by

Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a51c9ea618c09dc7c55b20a84fd51710636ae0cda6274853436d31d605060c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Referer: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Origin: https://fivethirtyeight.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;includeSubdomains;preload
age: 144
x-cache: hit
content-length: 21272
x-rq: ams7 0 4 9980
last-modified: Tue, 08 Nov 2022 22:00:57 GMT
server: nginx
etag: W/"636ad199-52fc"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 08:06:23 GMT

GET
H2 200 ads.min.js Show response
fivethirtyeight.com/wp-content/plugins/dtci-ads/assets/js/ 26 KB
8 KB 45ms
44ms Script
application/javascript 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/wp-content/plugins/dtci-ads/assets/js/ads.min.js?ver=1.0.24

Requested by

Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4a106f3c07c55cdf93c3d861df2f7253be84e2b9abdc4542fff78a6b0fd2f9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-rq: ams7 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=63072000;includeSubdomains;preload
last-modified: Mon, 31 Oct 2022 07:49:12 GMT
server: nginx
age: 35820
etag: W/"635f7df8-68ab"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7666
expires: Thu, 09 Nov 2023 08:06:23 GMT

GET
H2 200 a9.min.js Show response
fivethirtyeight.com/wp-content/plugins/dtci-ads/assets/js/ 2 KB
1 KB 46ms
45ms Script
application/javascript 192.0.66.240
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fivethirtyeight.com/wp-content/plugins/dtci-ads/assets/js/a9.min.js?ver=1.0.24

Requested by

Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.240 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6354ca132f80466b973adabc2b699a40c98be2a15b39dfb9d7df24e4300e54fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-rq: ams7 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=63072000;includeSubdomains;preload
last-modified: Mon, 31 Oct 2022 07:49:12 GMT
server: nginx
age: 35820
etag: W/"635f7df8-941"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 972
expires: Thu, 09 Nov 2023 08:06:23 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 140ms
50ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HNx4bdEmRgn5g09KulPi7w==
age: 29174
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Mon, 07 Nov 2022 20:04:18 GMT
server: cloudflare
etag: 0x8DAC0FB40BD33FE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ee9d1454-f01e-008f-11e5-f296ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7b7f4512a0-MRS

GET
H2 200 otCCPAiab.js Show response
cdn.espn.com/onetrust/ 20 KB
6 KB 215ms
77ms Script
application/x-javascript 2.21.20.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.espn.com/onetrust/otCCPAiab.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-196.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c86228c67a0de9e8ac17b653af0594bc5ef257109946e842db6dbca73fc1f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 16:29:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"f6b0f4fdd5b866ced947784db66dbffa"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=297
x-amz-cf-id: ZZcohlyLesPU6UOWPfIkGpTYy7zamplk_CZzcye_vbkZG-vukUjo5Q==
content-length: 5455

GET
H2 200 dcf-relay.js Show response
assets.espn.go.com/players/web-player-bundle/next/embed/ 3 KB
1 KB 158ms
22ms Script
application/javascript 2a02:26f0:3500:16::215:1498
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.espn.go.com/players/web-player-bundle/next/embed/dcf-relay.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1498 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbe1b048080e1fc4c6856199561145b705aa5908bcc2ce6fadc9c3dabcff6793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 15:45:40 GMT
server: AmazonS3
etag: "a97f63ba4317fd6d41606e9feefd54ef"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2420
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 1253

GET
H2 204 r.rnc
dcf.espn.com/privacy/v1/b/ 0
106 B 16ms
15ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcf.espn.com/privacy/v1/b/r.rnc?n=0&c=2750&i=5cu3xc&p=prod&s=324&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAUAPAeY2xpZW50SWQiOjI3NTAsInB1Ymxpc2hQYXRoIjoicHJvZCIsImluc3RhbmNlJwDyTiI1Y3UzeGMiLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLAAYCIsInR5cFEA8A9iaWxsaW5nIiwic3RhcnQiOjE2Njc5ODExODMxOTFaAKBkIjotMSwic291eQAiOiIrAEF0dXMiDABgcmVhc29uZQDUXSwiZGF0YVBhdHRlchIAwmxpc3QiOltdLCJpZF0AwDk4MTE4MzE5MX1dfQ
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Nov 2022 08:06:22 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

906f15ce09027ae7ee1ea20221dd57975adcb7beecbec773577fab7fbd4a4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27318
x-xss-protection: 0
server: sffe
etag: "1388 / 235 of 1000 / last-modified: 1667948909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Nov 2022 08:06:23 GMT

GET
H2 200 serverComponent.php Show response
dcf.espn.com/TWDC-DTCI/prod/ 955 B
723 B 36ms
35ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/TWDC-DTCI/prod/code/&publishedOn=Fri%20Nov%2004%2017:20:08%20GMT%202022&ClientID=2750&PageID=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F%3Fcds%3Dn%26country%3Dxx%26region%3Dxx%26shouldFire%3Dy%26nAsyncNgeo%3Dn%26portal%3Dnone%26siteRegion%3D%26realHost%3Dfivethirtyeight.com%26kpTlium%3Dn&custDomain=dcf.espn.com
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 959d7fb50d7cc84b2ef7a55ecef3aa913d763ff92937967355bded2768f5cb8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: mQx12BePg9ExYRohBnr9Yx-0KlUEQNrJ7hjRA4QTimcK7Cy6M6vH3Q==
expires: Wed, 09 Nov 2022 08:06:22 GMT

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 77ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070812

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 07:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 07:55:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 142 B
720 B 83ms
24ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fivethirtyeight.com

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5fb187cdfd48ee193cf5d457b86c3c11514955b335c1efc06fa0a7088b02f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Wed, 09 Nov 2022 08:06:23 GMT

GET
H2 200 726f7b5c-bcd4-467e-97a2-d1fafd6a6b16.json Show response
cdn.cookielaw.org/consent/726f7b5c-bcd4-467e-97a2-d1fafd6a6b16/ 3 KB
2 KB 162ms
63ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/726f7b5c-bcd4-467e-97a2-d1fafd6a6b16/726f7b5c-bcd4-467e-97a2-d1fafd6a6b16.json

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4418fbdf67f215d1bb9862d9d4903604bb3b2a97e3acc456f9009aa4a9f67402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wcmISVKjadZxxVr6QKN5Gw==
age: 30923
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1279
x-ms-lease-status: unlocked
last-modified: Thu, 01 Jul 2021 13:27:15 GMT
server: cloudflare
etag: 0x8D93C93F11F8600
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 65a0c9c5-c01e-0069-4066-c9874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7c8d1a6271-OTP
expires: Thu, 10 Nov 2022 08:06:23 GMT

GET
H2 200 8d18ebe2ae149deda51cd43c04b53501.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 9 KB
2 KB 25ms
22ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/8d18ebe2ae149deda51cd43c04b53501.js?conditionId0=4903428
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 23a76f0801abd181699e6369abb320c1b041070f8acd8c2c72cc60307c750226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: uIzLcvHOn2PPM2DiNWzkbXQXyZJIov0U
content-encoding: br
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2392231
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 12 Oct 2022 15:35:38 GMT
server: nginx
etag: W/"25545f4fcf16de359041ec8ad34882b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: AWY_umMjINXji8vuJi_-71Q4fhVHumM8SkjBs2MogHtvXjjWxVX0Fw==

GET
H2 200 13338772c896ca57363f55467619bf21.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 1 KB
1 KB 29ms
25ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/13338772c896ca57363f55467619bf21.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fe1d784fd7f830bef67ea5df45c57a36a9fedf7219757f86e61d4438baedd300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: ZcagOyDGnwg1qQsgsuSdac_ViVALlMrm
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 958479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 29 Sep 2021 19:21:10 GMT
server: nginx
etag: W/"0f79b6fe485d017942a0ef30c25bf1fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: NpkSknSGoDqUPJ_orKQEIRNPdhbRp7lkGyRf08cloZhCgT8YloV1vg==

GET
H2 200 d64305a51b68fbb7395e4dda9d26cea6.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 4 KB
2 KB 33ms
30ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/d64305a51b68fbb7395e4dda9d26cea6.js?conditionId0=4907302
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13003f6094c4eb1bc913acd46925b00ed0a530551285d67c40744958c04c3ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: JIue1dGz9I3NDOOHz1Why.y6pIOW1LhR
content-encoding: br
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3597533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 28 Sep 2022 16:47:10 GMT
server: nginx
etag: W/"42d408354d9148afe46b7ae3ad9e28c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: gLLae_UY2rG_nyI5iXyd1huLBfoTMPczVIgXThDGC__qJ_PEm9zmOA==

GET
H2 200 c302bb0856d021c7d5693b3f5a8d6bef.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 167 KB
52 KB 44ms
42ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/c302bb0856d021c7d5693b3f5a8d6bef.js?conditionId0=4903428
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffdbb9a32861923d0f42490c7166bec2c7afdb5673acdf55a59e294fdc7d76b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: 70HCEiv1m9e5OlPOu8_EnJPBvcgtPMOg
content-encoding: br
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 431081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Oct 2022 22:01:18 GMT
server: nginx
etag: W/"63d691ea4c591d24776ebcb764b981a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: qWdzTuOv67JywULfOorEcUKLKduwwwXoHGWwEKUKFjF69xRRYqqhkg==

GET
H2 200 ed9cc89e72efe4115d590b2b9169c222.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 1 KB
1 KB 35ms
33ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/ed9cc89e72efe4115d590b2b9169c222.js?conditionId0=4871166
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 09aa197b780bfe7b955974d6d0445d27e123088102766ce969315233d7379aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: F06adO24Ipb3cn4rtbbbXuJ4o4E2EOXQ
content-encoding: br
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 632723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 23:38:43 GMT
server: nginx
etag: W/"f844dc74d8fc792a359204fe34a5acf3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: eCaLGn_yK0fe1DsYugULBr-tuzFqgsrHPCvZZljFRtPG1RiXzKmrGw==

GET
H2 200 377c0add18dfd2afc4a117b068931453.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 271 KB
69 KB 34ms
32ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/377c0add18dfd2afc4a117b068931453.js?conditionId0=4908200
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1bd0adfed99aa880d22e14c4a6fdfd98f6eb82838bbd39a935322f6bf304fd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: ZyzGylqqTGr_mM.oxEF_vIgvmZpssjR0
content-encoding: br
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1937087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 17 Oct 2022 22:01:18 GMT
server: nginx
etag: W/"312b752e79f63dae7ef70e418c4622e5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: LyUsui0_zPuSnyytlN1KRC_ogghVmBGRXPvYK0cpfEp3Bz7BATX7QA==

GET
H2 200 5c0ec23f08fd76443a02ba34f049b87b.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 20 KB
5 KB 39ms
37ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/5c0ec23f08fd76443a02ba34f049b87b.js?conditionId0=4905157
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd5efcb292165150468b674c4631c4a6cf8e0b7c56e480ef4ade6f20e30723c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: 31eRLY1r76vD4Ouc7spxjIXMJs9oE9t2
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1778720
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 19 Oct 2022 18:00:52 GMT
server: nginx
etag: W/"990f1077b1b5722a50e0f20e5a296ce4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: nmIRulrd_FGyE_O-tG3YY5xkDeSn-YGCmVYGcrdQv6rwZkcayqbtpA==

GET
H2 200 b8eb46d2bc4a563822a29fe60a99fe89.js Show response
dcf.espn.com/TWDC-DTCI/prod/code/ 4 KB
2 KB 39ms
38ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dcf.espn.com/TWDC-DTCI/prod/code/b8eb46d2bc4a563822a29fe60a99fe89.js?conditionId0=4907302
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec0009201101057a27da59cd6954f6bc2c7fe2a0845322d04ed78df0ec32c5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-version-id: fabH6RNzB7J_QJ86oD6qrFvX7Ead56jk
content-encoding: br
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3597533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 16:47:10 GMT
server: nginx
etag: W/"d37b0dc5457b2f8cc10d71269ec75c02"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: U1PQi-6YRT6RZKgm5MEm-nNimneVz9VYAuHJNseiu8tLzxotMdCGZg==

GET
H2 200 PF2155097-E1B7-4900-A8F3-22BADF34DBC6.js Show response
cdn-gl.imrworldwide.com/conf/ 28 KB
7 KB 102ms
19ms Script
application/javascript 2600:9000:2182:5a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PF2155097-E1B7-4900-A8F3-22BADF34DBC6.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35ff4dcd5278fb40da3e5c31effc2ae9eb9fe7a8f658fdd28c883756b37d17c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: cjHqt6LDrWRJkr8t02uCOvp7ULOe1x1m
content-encoding: gzip
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 07:54:17 GMT
last-modified: Tue, 08 Nov 2022 23:19:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 747
x-amz-server-side-encryption: AES256
etag: W/"21ff13e6b4e9af5698213073fd37cbbd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: rdHBcv9nKoLNFi8oF5BmVUMOZDNzj4eXMHGsOkrUiNeYmz0LPkvHEA==

GET
H/1.1 200
OK id Show response
disney.demdex.net/ 185 B
835 B 303ms
61ms XHR
application/json 34.242.111.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://disney.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=C7A21CFE532E6E920A490D45%40AdobeOrg&d_nsid=0&d_coppa=true&ts=1667981183407

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.111.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ae30aa49666a7b6d96e31c8cbe0770264c21a7347ce940e011e650678486e559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fivethirtyeight.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: CIoEy9+TRyI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://fivethirtyeight.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 186
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 103ms
22ms Script
application/x-javascript 2600:9000:2182:aa00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:aa00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 06:45:57 GMT
content-encoding: gzip
via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:51:11 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
age: 4826
etag: W/"62d7517f-1181e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VnwKR6jM7vWtuDIVa_k8c6mfaNO19IvbWuAIHH_lPUdriyKIVO2DOQ==
expires: Wed, 09 Nov 2022 08:45:57 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3000032/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

17ms
16ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 07:57:57 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 507
x-amz-server-side-encryption: AES256
etag: W/"5b0f9f0704a703b8da651007721fac57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3W2sVJTWfTTRlhTMLm-n7lLS2qoBsnrj8uqgdqg6BjtgE8TzEC1gQw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Wed, 09 Nov 2022 08:06:23 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: R9xm8IztXaz0vDrWAWKqifR7EOLy3yq4SLZYpzkf_kIxbVRN4ZEIog==
x-cache: Miss from cloudfront

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.18.0/ 377 KB
84 KB 52ms
52ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cIchS4lr7UaDx9LQCq2apA==
age: 29104
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85787
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:55 GMT
server: cloudflare
etag: 0x8D91E52BCFB1A90
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8410bbf9-f01e-0121-31dd-0bf382000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7cea7012a0-MRS

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 22ms
22ms Script
application/javascript 2600:9000:2182:5a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding: gzip
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 07:52:58 GMT
x-amz-cf-pop: DUS51-C1
age: 806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 28 Sep 2022 14:09:01 GMT
server: AmazonS3
etag: W/"81a9e2a298d0019660cb2966f0c24748"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: oQXjtCXlVqWg03JCKRqG_ICwcJ6VcIo9rVVkcKCbCRvtWNKsAwpmgw==

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 19ms
18ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000032&cs_it=b2&cv=3.8.0.210223&ns__t=1667981183520&ns_c=UTF-8&c7=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&c8=DTCI%20%7C%20Iframe%20Ad%20%7C%20InContent&c9=
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 09JO2hwxLLfUwyXeIkLJl5sbU3CJA_3izw-qyNtDT754HdzshMoEdg==
x-cache: Miss from cloudfront

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 328ms
105ms Image
image/gif 34.197.79.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=fivethirtyeight.com&p=%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&u=BOV7kgPW_gdDBLfp7&d=fivethirtyeight.com&g=12240&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=640&t=CDzj_pDzSrFKq9X6vB_95LgBRkOui&V=136&i=DTCI%20%7C%20Iframe%20Ad%20%7C%20InContent&tz=0&sn=1&sv=DGAv0aBGlsol9pCdRBM6OdBDiF2I4&sd=1&im=06630cff&_
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.79.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-79-82.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 09 Nov 2022 08:06:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 1ED8 12 KB
4 KB 19ms
18ms Document
text/html 2600:9000:2182:5a00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5a00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://fivethirtyeight.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1851
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 09 Nov 2022 07:35:33 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 28 Sep 2022 14:09:00 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
x-amz-cf-id: An-_9YyiJkjAOBpE5rhlKfvH8-0WP2uVTx4YFKYclPA1pGNxLaJ2Bg==
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache: Hit from cloudfront

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/726f7b5c-bcd4-467e-97a2-d1fafd6a6b16/bcbf68ca-723f-44a2-a940-3f05bae89597/ 77 KB
18 KB 62ms
62ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/726f7b5c-bcd4-467e-97a2-d1fafd6a6b16/bcbf68ca-723f-44a2-a940-3f05bae89597/en.json

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfbc8b9fefe799c77f92024b58cdc0e7562b89fe7da5ea1bfc26150b4eb23dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: e34Ox0Tnn0/cYYNZRSLwgA==
age: 30922
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17928
x-ms-lease-status: unlocked
last-modified: Thu, 01 Jul 2021 13:27:27 GMT
server: cloudflare
etag: 0x8D93C93F81EF536
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 871ea18a-501e-0045-640a-1e0577000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7dcf146271-OTP
expires: Thu, 10 Nov 2022 08:06:23 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 1ED8 44 B
720 B 266ms
65ms Image
image/gif 52.49.142.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PF2155097-E1B7-4900-A8F3-22BADF34DBC6&sessionId=2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183&c16=sdkv,bj.6.0.0&uoo=&fp_id=gsyxem2mcmtk2e2fe1ekychrfmlbt1667981183&fp_cr_tm=1667981183593&fp_acc_tm=1667981183593&fp_emm_tm=1667981183593&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-208.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 08:06:23 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com/ Frame 1ED8 35 B
350 B 156ms
18ms Image
image/gif 2600:9000:2315:d200:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com/
Requested by: Host: fivethirtyeight.com
URL: https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:d200:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:18:07 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 85697
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: Kc50EEmltIx5VZY0h-1y76HoU2igVVht15HP3PCaQ1ZG35jNQIumKw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 12 KB
3 KB 71ms
67ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrQfM8mTXwqoZ1+V6sXNuw==
age: 30921
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:48 GMT
server: cloudflare
etag: 0x8D91E52B88C8775
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5158c732-801e-00a9-186d-c40d0e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7e4fcb6271-OTP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/ 47 KB
12 KB 67ms
63ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/otPcCenter.json

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JTlGibHifnk7UYNZMi6GKg==
age: 25601
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11495
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:49 GMT
server: cloudflare
etag: 0x8D91E52B978E95A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b899cbaf-601e-00ce-6c6c-c4bea9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 76750c7e4fcd6271-OTP

GET
H2 200 id Show response
sw88.go.com/ 48 B
456 B 123ms
28ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sw88.go.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=C7A21CFE532E6E920A490D45%40AdobeOrg&mid=77133528015081231223511327548273000203&d_coppa=true&ts=1667981183716

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

900fca894dff3d9effb2c6e75a14566f31e1c757687d72e8e2e3d690c0f72263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fivethirtyeight.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://fivethirtyeight.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 74ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fivethirtyeight.com

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 70ms
27ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fivethirtyeight.com

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 834 B
975 B 97ms
85ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2936511005840482&correlator=2358875321934963&hxva=1&scor=740539570137033&eid=31070660%2C31070747%2C31070790%2C31070812%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=21783347309%2Cabc-news%2Cfivethirtyeight.com%2Cweb%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=1&adks=1681081495&sfv=1-0-39&prev_scp=pos%3Dincontent&eri=1&cust_params=pgtyp%3Dblog%26sp%3Dfivethirtyeight%26objid%3D347800%26lang%3Den%26devType%3Ddesktop%26tag%3D2022-election%252C2022-governors-elections%252C2022-house-elections%252C2022-midterms%252C2022-senate-elections%252Cattorney-general%252Cballot-initiatives%252Cdonald-trump%252Celection-results%252Cexit-polls%252Cjoe-biden%252Cnate-silver%252Cpolling%252Cpolls%252Csecretary-of-state%252Cswing-states%252Cvoter-turnout%26hip%3D54e1a15094e8911d53f6cdc879ea4fffbcb1c3191c6fab35ff22ef65cee35961%26prof%3Dxl%26devOS%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F107.0.5304.87%2520Safari%252F537.36&sc=1&cookie_enabled=1&abxe=1&dt=1667981183747&lmt=1667981183&dlt=1667981183006&idt=450&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1602189671.1667981184&ga_sid=1667981184&ga_hid=791785688&ga_fc=false

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d84b2c1206535bd6533153b1b23a56056e86132a0a0d6e33c6853bc4e0addd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 463
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fivethirtyeight.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 4E99 6 KB
3 KB 107ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fivethirtyeight.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:06:23 GMT
expires: Thu, 09 Nov 2023 08:06:23 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 64ms
15ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Wed, 09 Nov 2022 08:06:23 GMT
x-amz-request-id: K52DT7KZ35P52RPM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: M2GwBFgjwAJIQUuejyBBefLBJAcr5x2BqeklFzyaTmPeLl1NpM01NVuK/O8ugHhw6wx3swcFnyk=
x-served-by: cache-hhn4045-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1667981184.959975,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11447

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 75ms
34ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78d13958c37f887f54bdd9a4af48dd74b48ec03847f07f7c5c315ed767845fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11152
x-xss-protection: 0

GET
H/1.1 200
OK f6169b8cc4 Show response
bam.nr-data.net/1/ 49 B
620 B 215ms
160ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f6169b8cc4?a=100041457&v=1216.487a282&to=bwcDZBYEW0ZVVhEMXVZNIFMQDFpbG1wDF1NVBz5RAA%3D%3D&rst=1045&ck=1&ref=https://fivethirtyeight.com/live-blog/2022-midterm-election/iframe_ad/InContent/&ap=191&be=105&fe=972&dc=264&perf=%7B%22timing%22:%7B%22of%22:1667981182927,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:10,%22c%22:10,%22s%22:31,%22ce%22:56,%22rq%22:56,%22rp%22:77,%22rpe%22:78,%22dl%22:79,%22di%22:264,%22ds%22:264,%22de%22:270,%22dc%22:972,%22l%22:972,%22le%22:1010%7D,%22navigation%22:%7B%7D%7D&at=Q0AUEl4eSBkWVEdfSUUf&jsonp=NREUM.setToken
Requested by: Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 08:06:24 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 76750c804a2a907c-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 831ms
791ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 08:06:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4670 13 KB
5 KB 49ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fivethirtyeight.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:06:17 GMT
expires: Thu, 09 Nov 2023 08:06:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA78 783 B
1 KB 68ms
28ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: dcf.espn.com
URL: https://dcf.espn.com/TWDC-DTCI/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e2aff5e8ae2daadb1ad1ba2bcf951038437eb4814f98c101dddac5bd1ba910a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lK6GzqaVuhlZzEhph_nD8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fivethirtyeight.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-lK6GzqaVuhlZzEhph_nD8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 08:06:24 GMT
expires: Wed, 09 Nov 2022 08:06:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4670 36 KB
16 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 19:30:53 GMT

GET
H2 200 s21527750397253
sw88.go.com/b/ss/wdgnewfivethirtyeight/1/JS-2.20.0/ 43 B
224 B 30ms
29ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sw88.go.com/b/ss/wdgnewfivethirtyeight/1/JS-2.20.0/s21527750397253?AQB=1&ndh=1&pf=1&t=9%2F10%2F2022%208%3A6%3A24%203%200&mid=77133528015081231223511327548273000203&aamlh=6&ce=UTF-8&pageName=live-blog&g=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&c.&login_status=logged%20out&page_name=live-blog&page_url=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&site=fivethirtyeight&premium=NO&consent_string=1&consent_mode=unknown&.c&server=fivethirtyeight&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=C7A21CFE532E6E920A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 08:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 08:06:24 GMT
server: jag
etag: 3581962318172979200-4619840735144834943
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 08 Nov 2022 08:06:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA78 0
0 53ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=2936511005840482&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4670 0
10 B 23ms
15ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6p3qlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
596 B 69ms
68ms Image
image/gif 52.49.142.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-600140&ch=us-600140_c10_live-blog_S&asn=live-blog&fp_id=gsyxem2mcmtk2e2fe1ekychrfmlbt1667981183&fp_cr_tm=1667981183593&fp_acc_tm=1667981183593&fp_emm_tm=1667981183593&ve_id=&sessionId=2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183&prv=1&c6=vc,c10&ca=NA&c13=asid,PF2155097-E1B7-4900-A8F3-22BADF34DBC6&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,adi5qa4tms0oisk2bmhzgq5dac93d1667981183&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16679811835886551&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=live-blog&c3=st,c&c64=starttm,1667981185&adid=live-blog&c58=isLive,false&c59=sesid,&c61=createtm,1667981184&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&c66=mediaurl,&sdd=&c62=sendTime,1667981184&rnd=98782
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-208.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 08:06:25 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 gn
global.imrworldwide.com/cgi-bin/ 35 B
543 B 265ms
63ms Image
image/gif 34.250.94.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.imrworldwide.com/cgi-bin/gn?prd=metadata&c9=devid,&c13=asid,PF2155097-E1B7-4900-A8F3-22BADF34DBC6&sessionId=2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183&c30=bldv,6.0.0.623&pgUrl=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&pgTitle=DTCI%20%7C%20Iframe%20Ad%20%7C%20InContent&uoo=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.94.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-94-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 08:06:25 GMT
strict-transport-security: max-age=31536000
max-age: 0
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 35
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=2936511005840482&bg=!-vml-b3NAAZPh4lnb4c7ACkAdvg8WtpaDwVx4ofOmgs-cKn6CjGHmw0JIadnpfwKErn-_eXGu5lTLQIAAACAUgAAAANoAQcKAC-eDzdO08SHwlWC5940xRFyHcpv8wHbaIjEBCoMJ3_VDGVjB9m_0u2UsEPeLf6kSpkCrTryhXHZLor7vPcXTonE1SIDmeC4gTVdWg_RE_LBuzHnIXsx0uVv2AZNIXyPx4DGm0SUyYMfMtkIkN9lfgL413NsqapqOz7ruMJx-T0r2Cun3c8BF1xhhwjWPypdmZTk4zSqAQEcnmNPSDSFu61WWFb5MgB2kBaxpM0Ysqp7Ka41H7WhmtKFmKtyYE_WGOdp8GacdktVf2I8zY4Dhhd8tvxjk2I7THCsh1IggGoGG-PE9vewdhEMkIhfp5qYHrnOvY6HM6BNEBbXJqvP3qoKKz3hAHlf4p_8OsMqmXMlEOsI1cr5m_PT4d0a7nlL_BUH8FG_BpQhNthvTWqpUDrK95mM2_xJXfYU2xiQiOdDIpC8BLw4n0xMBOgp5U7cRrEAZYAUSMrx1_lChwva-afbOSXXM82vYTXoRE7C_lREALffG8Tu_6i54Hi5kHHeHKqcZtPu27JerjYOV-9abPBmO9NHUiLxEOCDIab6EpJAkU4mrE_pLNOpSVoZTZvKJW6XAbvn3dFQaPs-bVHjmAmfjXcHjsBSsTzQ35H50glOnnqK-gnfNxV1V3JpHmbmuLH5qKHxUcrNPNc3Dsd9UOLeLmncyK4faqP1XG5DyR9p5rfJRj_EYdyuK-YqN_QbUCUosZxPHohjDnnq4b9V6UZtauDqBzFeFtSosurALvMsU46zpCr_tnzpr_vvEHmmEvKEoYdRswYSbJ5A4E1r1V-1CC_Cku8M7IBzwkRM1PvkSNO5M0A79U2DGe9ETnfbTfEQHiM_Zs2cbfWe4WD6LeQkrdtpqLstXWxIQF7sPOicyWT_IxH4RaVAC0IgOpH_3u1TgKBNtFwJsCbJgmz-WtBBXXHzOd_RGLkXHNJPYHvole9M2sRmzxHif7xT2MQAaSiamoiNN-VKIXwJiLS2xlo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 204 r.rnc
dcf.espn.com/privacy/v1/b/ 0
106 B 18ms
18ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcf.espn.com/privacy/v1/b/r.rnc?n=1&c=2750&i=5cu3xc&p=prod&s=4308&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAUAPAeY2xpZW50SWQiOjI3NTAsInB1Ymxpc2hQYXRoIjoicHJvZCIsImluc3RhbmNlJwDyTiI1Y3UzeGMiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLAA8hhodHRwczovL2Fzc2V0cy5lc3BuLmdvLmNvbS9wbGF5ZXJzL3dlYi0MAPAWLWJ1bmRsZS9uZXh0L2VtYmVkL2RjZi1yZWxheS5qcyIsInR5cJ0A0HNjcmlwdCIsInN0YXK3AMA2Njc5ODExODMxNzelAEVkIjoxFACAMzM4LCJzb3XPABA6AQGAZXJ0QmVmb3LeAMBzdGF0dXMiOiJsb2EgAWByZWFzb27LANRdLCJkYXRhUGF0dGVyEgCxbGlzdCI6W10sImlkAN83MDAzODMzMjY3NH0s_QBvHzj9AAwxbXV0mgGiT2JzZXJ2ZXJDTEUBDwMBMx81AwEH8jRkaXNuZXkuZGVtZGV4Lm5ldC9pZD9kX3Zpc2lkX3Zlcj01LjAuMSZkX2ZpZWxkZ3JvdXA9TUMmZF9ydGJkPWpzb24mKAAhMiYIAEBpZnk9LwD2NG9yZ2lkPUM3QTIxQ0ZFNTMyRTZFOTIwQTQ5MEQ0NSU0MEFkb2JlT3JnJmRfbnNpZD0wJmRfY29wcGE9dHJ1ZSZ0cz0pAjY0MDdkAjJ4aHIcAQphAi40MGECARQABWECslhIUl9NQU5BR0VSQQACXQFvYWxsb3dlYwIgvzY3MzIzNTYzNjMxYAHSDsQCKDQwwQMPYAFHHzJgAQfxBGNkbi1nbC5pbXJ3b3JsZHdpZGXFBPMpY29uZi9QRjIxNTUwOTctRTFCNy00OTAwLUE4RjMtMjJCQURGMzREQkM2LmpzI25hbWU9bmxzbkmGBdYmbnM9Tk9MQlVORExFfAIP4AQHPTM5NeMDPzUwNOAERp82NzM3NTg2MTHgBAkPHQF1PzQyMB0BABc1HQEPAAVBBSMBLzk5QAIH8gVzYi5zY29yZWNhcmRyZXNlYXJjaEEC_wFzLzMwMDAwMzIvYmVhY29u6QYUPjQyM-wALzIx7ABNrzk4OTQ5MzUxNzPsAAgAZAaxYy5jaGFydGJlYXToADVqcy8RAG9fdmlkZW_pABYeMukAJzcw6QA_aW5z0gc4vzY3NTAzMzg5OTA24wBXD8wBAAnjAA-4AkME6QAfN-kABw_bAwXyBm5vdm1zL2pzLzIvbmxzU0RLNjAwLr8JPy5tacUCFS81MPkAAC85NtwBSI8zNDEzMzI1N6sICA_zAE0eNM8CCfMAD-wBQwT5AA_VAggP-QALgGh0bWwvbHMuCAAGqgZTaWZyYW1ICwopCT01ODnpACg2M7gDoGFwcGVuZENoaWwWCQ-JCyyvNjc5NjEyNTIwOMYHIALOAgDaAA_iABoAtwEhZW4IDASADAriAA_LAUME6QAPbwYJNHc4OGgND2kLD09BJm1jSQsX8BRtaWQ9NzcxMzM1MjgwMTUwODEyMzEyMjM1MTEzMjc1NDgyN9IGPzIwM2sLCDY3MTZFAg9rCwQ9NzE2QgIBFAAPawtIjzI1NzY1OTQx3wYJD1wB_ybAMjU3NjU5NDEzfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fivethirtyeight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:06:25 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 09 Nov 2022 08:06:24 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fivethirtyeight.com/	1969-12-31 23:59:59	Name: s_ensCDS Value: 0
fivethirtyeight.com/	1969-12-31 23:59:59	Name: s_ensRegion Value: unknown
fivethirtyeight.com/	1969-12-31 23:59:59	Name: _dcf Value: 1
.fivethirtyeight.com/	1970-01-20 16:48:29	Name: _cb Value: BOV7kgPW_gdDBLfp7
.fivethirtyeight.com/	1970-01-20 16:48:29	Name: _chartbeat2 Value: .1667981183551.1667981183551.1.DGAv0aBGlsol9pCdRBM6OdBDiF2I4.1
.fivethirtyeight.com/	1970-01-20 07:19:42	Name: _cb_svref Value: null
.fivethirtyeight.com/	1970-01-20 11:38:53	Name: nol_fpid Value: gsyxem2mcmtk2e2fe1ekychrfmlbt1667981183\|1667981183593\|1667981183593\|1667981183593
fivethirtyeight.com/	1970-01-20 16:05:17	Name: usprivacy Value: 1YNY
.fivethirtyeight.com/	1969-12-31 23:59:59	Name: AMCVS_C7A21CFE532E6E920A490D45%40AdobeOrg Value: 1
.fivethirtyeight.com/	1970-01-20 16:55:41	Name: AMCV_C7A21CFE532E6E920A490D45%40AdobeOrg Value: -1951643950%7CMCIDTS%7C19306%7CMCMID%7C77133528015081231223511327548273000203%7CMCAAMLH-1668585983%7C6%7CMCAAMB-1668585983%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1667988383s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.1
.doubleclick.net/	1970-01-20 07:19:42	Name: test_cookie Value: CheckForPermission
.fivethirtyeight.com/	1970-01-20 16:41:17	Name: __gads Value: ID=e9802e20c0304f37-2242579671ce007b:T=1667981183:S=ALNI_MYhRZujXScNe4cCQir6Xg39Wg0rSw
.fivethirtyeight.com/	1970-01-20 16:41:17	Name: __gpi Value: UID=00000b7ebaa8f1ea:T=1667981183:RT=1667981183:S=ALNI_MbCF3YaPrWQs2Qu7HNW8cFZO-4MBw
.imrworldwide.com/	1970-01-20 16:41:17	Name: IMRID Value: 6711dbc0-6005-11ed-ae27-312edef00bfa
.fivethirtyeight.com/	1970-01-20 16:05:17	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+09+2022+08%3A06%3A23+GMT%2B0000+(GMT)&version=6.18.0&hosts=&consentId=da732444-8dc0-4579-8fc9-f343d457d157&interactionCount=0&landingPath=https%3A%2F%2Ffivethirtyeight.com%2Flive-blog%2F2022-midterm-election%2Fiframe_ad%2FInContent%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CSPD_BG%3A1%2CC0004%3A1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 77300379256f567a
.fivethirtyeight.com/	1969-12-31 23:59:59	Name: s_cc Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

203693bd86f8de4c201a3b2461d806b6.safeframe.googlesyndication.com
2cpx4yoeuv2fi7lsp0nshbealt2ak1667981183.nuid.imrworldwide.com
adservice.google.com
adservice.google.de
assets.espn.go.com
bam.nr-data.net
cdn-gl.imrworldwide.com
cdn.cookielaw.org
cdn.espn.com
dcf.espn.com
disney.demdex.net
fivethirtyeight.com
global.imrworldwide.com
js-agent.newrelic.com
pagead2.googlesyndication.com
ping.chartbeat.net
sb.scorecardresearch.com
secure-dcr.imrworldwide.com
securepubads.g.doubleclick.net
static.chartbeat.com
sw88.go.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
13.32.121.37
13.36.218.177
151.101.130.137
162.247.241.14
192.0.66.240
2.21.20.196
2600:9000:2182:5a00:2:42d9:3100:93a1
2600:9000:2182:aa00:18:1fcd:351:7bc1
2600:9000:2315:d200:1d:667e:2a40:93a1
2606:4700::6810:9540
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:3500:16::215:1498
3.124.173.63
34.197.79.82
34.242.111.67
34.250.94.91
52.49.142.208
09aa197b780bfe7b955974d6d0445d27e123088102766ce969315233d7379aad
12166847e4e48419105f819fabb39186195cc4c0abc0215aefe04c25df98944f
13003f6094c4eb1bc913acd46925b00ed0a530551285d67c40744958c04c3ff2
1a51c9ea618c09dc7c55b20a84fd51710636ae0cda6274853436d31d605060c7
1bd0adfed99aa880d22e14c4a6fdfd98f6eb82838bbd39a935322f6bf304fd3b
23a76f0801abd181699e6369abb320c1b041070f8acd8c2c72cc60307c750226
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d84b2c1206535bd6533153b1b23a56056e86132a0a0d6e33c6853bc4e0addd4
35ff4dcd5278fb40da3e5c31effc2ae9eb9fe7a8f658fdd28c883756b37d17c8
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
4418fbdf67f215d1bb9862d9d4903604bb3b2a97e3acc456f9009aa4a9f67402
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a106f3c07c55cdf93c3d861df2f7253be84e2b9abdc4542fff78a6b0fd2f9f3
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6354ca132f80466b973adabc2b699a40c98be2a15b39dfb9d7df24e4300e54fc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e2aff5e8ae2daadb1ad1ba2bcf951038437eb4814f98c101dddac5bd1ba910a
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
756b57b9506e55450d6acae335bbfbcde42bd368ad6f4739c7e808152ef6fb5c
78d13958c37f887f54bdd9a4af48dd74b48ec03847f07f7c5c315ed767845fb6
7c86228c67a0de9e8ac17b653af0594bc5ef257109946e842db6dbca73fc1f40
8af09e8c9c3b34c1b55ab10e800f88c2de79389ab79c2605f7d8cdc5f6b5bac9
900fca894dff3d9effb2c6e75a14566f31e1c757687d72e8e2e3d690c0f72263
906f15ce09027ae7ee1ea20221dd57975adcb7beecbec773577fab7fbd4a4c32
959d7fb50d7cc84b2ef7a55ecef3aa913d763ff92937967355bded2768f5cb8d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae30aa49666a7b6d96e31c8cbe0770264c21a7347ce940e011e650678486e559
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c5fb187cdfd48ee193cf5d457b86c3c11514955b335c1efc06fa0a7088b02f9b
c8323ab7c99cab01c47ec37f798a8b7ca18b8067d40efa0f2fd74613e0c6a428
cbe1b048080e1fc4c6856199561145b705aa5908bcc2ce6fadc9c3dabcff6793
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc8b9fefe799c77f92024b58cdc0e7562b89fe7da5ea1bfc26150b4eb23dee
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd5efcb292165150468b674c4631c4a6cf8e0b7c56e480ef4ade6f20e30723c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ec0009201101057a27da59cd6954f6bc2c7fe2a0845322d04ed78df0ec32c5a2
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
fe1d784fd7f830bef67ea5df45c57a36a9fedf7219757f86e61d4438baedd300
ffdbb9a32861923d0f42490c7166bec2c7afdb5673acdf55a59e294fdc7d76b5

fivethirtyeight.com Open in urlscan Pro 192.0.66.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

54 %IPv6

16 Domains

24 Subdomains

24 IPs

4 Countries

797 kBTransfer

2534 kBSize

17 Cookies

4 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

fivethirtyeight.com Open in urlscan Pro
192.0.66.240 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

54 %
IPv6

16
Domains

24
Subdomains

24
IPs

4
Countries

797 kB
Transfer

2534 kB
Size

17
Cookies

57 HTTP transactions
0 data transactions