cm.usatoday.com Open in urlscan Pro
151.101.2.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.exct.net/?qs=a785ec11179647916b0e02703497f77618c5e42692e069f8884c74867a684e492257f7afd1e9f4bae14da4c96261...
Effective URL:
https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm...
Submission: On February 15 via api (February 15th 2022, 4:07:28 pm UTC) from CA — Scanned from CA

Summary HTTP 103 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 1 countries across 42 domains to perform 103 HTTP transactions. The main IP is 151.101.2.62, located in United States and belongs to FASTLY, US. The main domain is cm.usatoday.com. The Cisco Umbrella rank of the primary domain is 28168.
TLS certificate: Issued by R3 on February 8th 2022. Valid for: 3 months.

This is the only time cm.usatoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:1400:d:5... 2600:1400:d:5a2::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.225.230.7 13.225.230.7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.66.62 151.101.66.62	54113 (FASTLY) (FASTLY)
2	34.107.143.101 34.107.143.101	15169 (GOOGLE) (GOOGLE)
1	13.225.58.39 13.225.58.39	16509 (AMAZON-02) (AMAZON-02)
1 4	13.225.230.19 13.225.230.19	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	34.198.46.170 34.198.46.170	14618 (AMAZON-AES) (AMAZON-AES)
1	52.86.94.111 52.86.94.111	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	13.225.229.246 13.225.229.246	16509 (AMAZON-02) (AMAZON-02)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.211.136 35.227.211.136	15169 (GOOGLE) (GOOGLE)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
13	52.4.155.217 52.4.155.217	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	34.102.161.46 34.102.161.46	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
6 6	50.19.100.94 50.19.100.94	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	173.223.56.123 173.223.56.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.181.202 68.67.181.202	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	13.225.230.56 13.225.230.56	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	23.54.68.240 23.54.68.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.206.33.80 34.206.33.80	14618 (AMAZON-AES) (AMAZON-AES)
1 1	75.126.248.142 75.126.248.142	36351 (SOFTLAYER) (SOFTLAYER)
103	39

1 2600:1400:d:5a2::416d (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.2.62 (United States)

ASN54113 (FASTLY, US)

cm.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (Queens, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.230.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-7.jfk51.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.62 (United States)

ASN54113 (FASTLY, US)

staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.143.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.143.107.34.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.58.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-58-39.ewr53.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.230.19 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-19.jfk51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (Queens, United States)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.46.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-46-170.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.94.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-94-111.compute-1.amazonaws.com

10870841.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.229.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-229-246.jfk51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.211.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com

gannett.sjv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.4.155.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-155-217.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.161.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.161.102.34.bc.googleusercontent.com

ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.19.100.94 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-100-94.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.123 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.62.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.181.202 (Secaucus, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.230.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-56.jfk51.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.144 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.54.68.240 (Piscataway, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-240.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.33.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com

px.surveywall-api.survata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.126.248.142 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	krxd.net 6 redirects cdn.krxd.net — Cisco Umbrella Rank: 1228 beacon.krxd.net — Cisco Umbrella Rank: 371 consumer.krxd.net — Cisco Umbrella Rank: 1569 usermatch.krxd.net — Cisco Umbrella Rank: 981	195 KB
12	usatoday.com cm.usatoday.com — Cisco Umbrella Rank: 28168 user.usatoday.com — Cisco Umbrella Rank: 16921	228 KB
8	gannettdigital.com staticassets.gannettdigital.com — Cisco Umbrella Rank: 59088	524 KB
6	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 9550 dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 10766 ariane.abtasty.com — Cisco Umbrella Rank: 10238	62 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 443	123 KB
5	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 943	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	673 B
4	doubleclick.net 2 redirects pubads.g.doubleclick.net — Cisco Umbrella Rank: 506 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	3 KB
3	google.com news.google.com — Cisco Umbrella Rank: 5027 www.google.com — Cisco Umbrella Rank: 2	52 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	202 KB
3	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 5995	54 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 266	2 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	1 KB
2	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 891 loadus.exelator.com — Cisco Umbrella Rank: 1160	648 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	886 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	576 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1072	14 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2498 p1.parsely.com — Cisco Umbrella Rank: 1996	26 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 709	808 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 691	622 B
1	survata.com 1 redirects px.surveywall-api.survata.com — Cisco Umbrella Rank: 2561	798 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 855	982 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 811	763 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 593	655 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 388	656 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	661 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 8810	501 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 447	716 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	447 B
1	t.co t.co — Cisco Umbrella Rank: 456	336 B
1	sjv.io gannett.sjv.io — Cisco Umbrella Rank: 12848	501 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	igodigital.com 10870841.collect.igodigital.com — Cisco Umbrella Rank: 14201	2 KB
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 4436	4 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2559	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	31 KB
1	exct.net 1 redirects cl.exct.net — Cisco Umbrella Rank: 37537	447 B
103	42

	Domain	Requested by
13	beacon.krxd.net	cdn.krxd.net
11	cm.usatoday.com	cm.usatoday.com
8	staticassets.gannettdigital.com	cm.usatoday.com
6	usermatch.krxd.net	6 redirects
6	cdn.krxd.net	www.gannett-cdn.com cdn.krxd.net
6	cdn.cookielaw.org	cm.usatoday.com cdn.cookielaw.org
5	tr.snapchat.com	1 redirects sc-static.net
4	ib.adnxs.com	3 redirects
4	www.facebook.com
4	sb.scorecardresearch.com	1 redirects www.gannett-cdn.com
3	www.google-analytics.com	www.gannett-cdn.com www.google-analytics.com
3	connect.facebook.net	www.gannett-cdn.com connect.facebook.net
3	www.gannett-cdn.com	cm.usatoday.com www.gannett-cdn.com
3	try.abtasty.com	cm.usatoday.com try.abtasty.com
2	ssum-sec.casalemedia.com	2 redirects
2	s.amazon-adsystem.com	1 redirects
2	ps.eyeota.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	pixel.tapad.com	2 redirects
2	consumer.krxd.net	cdn.krxd.net
2	analytics.twitter.com	static.ads-twitter.com
2	sc-static.net	www.gannett-cdn.com tr.snapchat.com
2	news.google.com	www.gannett-cdn.com news.google.com
2	dcinfos-cache.abtasty.com	try.abtasty.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	um.simpli.fi	1 redirects
1	loadus.exelator.com
1	px.surveywall-api.survata.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	token.rubiconproject.com
1	aa.agkn.com
1	sync.mathtag.com	1 redirects
1	www.google.ca
1	www.google.com
1	loadm.exelator.com
1	stags.bluekai.com	1 redirects
1	idsync.rlcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ariane.abtasty.com	try.abtasty.com
1	t.co
1	gannett.sjv.io	d.impactradius-event.com
1	p1.parsely.com
1	pubads.g.doubleclick.net
1	static.ads-twitter.com	www.gannett-cdn.com
1	10870841.collect.igodigital.com	www.gannett-cdn.com
1	resources.xg4ken.com	www.gannett-cdn.com
1	d.impactradius-event.com	www.gannett-cdn.com
1	cdn.parsely.com	www.gannett-cdn.com
1	user.usatoday.com	cm.usatoday.com
1	cdnjs.cloudflare.com	cm.usatoday.com
1	ajax.googleapis.com	cm.usatoday.com
1	cl.exct.net	1 redirects
103	53

This site contains links to these domains. Also see Links.

Domain
www.usatoday.com
login.usatoday.com
account.usatoday.com
user.usatoday.com
subscribe.usatoday.com
static.usatoday.com
profile.usatoday.com
chat.usatoday.com
help.usatoday.com

Subject Issuer	Validity	Valid
usatoday.com R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
try.abtasty.com Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
dcinfos-cache.abtasty.com R3	`2022-01-28` - `2022-04-28`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-24` - `2022-02-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-10` - `2023-01-06`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2021-09-17` - `2022-10-19`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.sjv.io Sectigo RSA Domain Validation Secure Server CA	`2021-03-22` - `2022-04-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
ariane.abtasty.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Frame ID: 529B10E35CE283FD1AA1A8D168C68EB4
Requests: 75 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 6982C513A31534AF0CBE5FA24850B89F
Requests: 24 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602
Frame ID: 1EADC9D797FF84EC05F908F81F303645
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 0B90F651DD4E9749BF3908351433ED15
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1644934985779&pnid=140&pcid=00f1f7a4-c786-4add-812a-ba6fb145f62d
Frame ID: B0E36C16BCBE3F24C5645B2F116F957A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscription Offers, Specials, and Discounts

Page URL History Show full URLs

https://cl.exct.net/?qs=a785ec11179647916b0e02703497f77618c5e42692e069f8884c74867a684e492257f7af... HTTP 302
https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

85 %
HTTPS

24 %
IPv6

42
Domains

53
Subdomains

39
IPs

1
Countries

1571 kB
Transfer

4405 kB
Size

54
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.usatoday.com/

Search URL Search Domain Scan URL

URL: https://login.usatoday.com/USAT-GUP/authenticate?success-url=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225
Title: Sign In

Search URL Search Domain Scan URL

URL: https://account.usatoday.com/
Title: Hi,

Search URL Search Domain Scan URL

URL: https://user.usatoday.com/USAT-GUP/user/logout/?return-url=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://subscribe.usatoday.com/checkoutflow?offer=W-C3&pid=7652&type=digital&gps-source=EXEMLP2UFSLU1&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP2UFSLU1-72903225

Search URL Search Domain Scan URL

URL: https://subscribe.usatoday.com/checkoutflow?offer=W-C3&pid=7651&type=digital&gps-source=EXEMLP2UFSLU1&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP2UFSLU1-72903225

Search URL Search Domain Scan URL

URL: https://subscribe.usatoday.com/checkoutflow?offer=W-C3&pid=3803552&type=print&gps-source=EXEMLP2UFSLU1&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP2UFSLU1-72903225

Search URL Search Domain Scan URL

URL: https://static.usatoday.com/mobile-apps/
Title: View our apps

Search URL Search Domain Scan URL

URL: https://user.usatoday.com/user/enewspaper/
Title: View eNewspaper

Search URL Search Domain Scan URL

URL: https://profile.usatoday.com/newsletters/manage/
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://login.usatoday.com/USAT-GUP-SAM-ACCTACT/authenticate/?authenticated-url=https%3A%2F%2Faccount.usatoday.com%2Flink%3Fnewauth%3DTrue%26onSuccessRedirectURL%3Dhttp%3A%2F%2Fwww.usatoday.com%2F
Title: ALREADY A SUBSCRIBER, BUT DON'T HAVE A LOGIN? Activate your digital access

Search URL Search Domain Scan URL

URL: https://chat.usatoday.com/
Title: NEED HELP? CHAT NOW

Search URL Search Domain Scan URL

URL: https://help.usatoday.com/
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.exct.net/?qs=a785ec11179647916b0e02703497f77618c5e42692e069f8884c74867a684e492257f7afd1e9f4bae14da4c96261447c00bbcee18f259b1e4c199ef7e58b37d8 HTTP 302
https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://sb.scorecardresearch.com/b?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&ns__t=1644941243113&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&ns__t=1644941243113&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&c9=

Request Chain 74

https://tr.snapchat.com/cm/s?pnid=140&cb=1644941243522 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644934985779%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644934985779%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1644934985779&pnid=140&pcid=00f1f7a4-c786-4add-812a-ba6fb145f62d

Request Chain 76

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FnMVgxQ1A HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEyL0ysdB3OnMaDLtyCzRZU&google_cver=1

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FnMVgxQ1A HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ8OVgQPkodAOQNBXaUq6xM&google_cver=1

Request Chain 79

https://stags.bluekai.com/site/26357?id=Oqg1X1CP&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqg1X1CP%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=Oqg1X1CP&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 82

https://ps.eyeota.net/match?bid=i0r4o4v&uid=Oqg1X1CP HTTP 302
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=Oqg1X1CP

Request Chain 83

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8739849536602494545

Request Chain 84

https://ib.adnxs.com/mapuid?member_id=1780&user=Oqg1X1CP HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOqg1X1CP

Request Chain 87

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Oqg1X1CP&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=8c62620b-cfbc-4000-8c2e-3045f1eb34e9

Request Chain 88

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oqg1X1CP

Request Chain 89

https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0&dcc=t

Request Chain 91

https://sync.go.sonobi.com/usc.gif?https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=[UID] HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=31bebef0-eee4-4344-bef7-e6e1f1aa5d6d

Request Chain 93

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=Oqg1X1CP HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-w4ZaffZE2puhq3VZYkbYahS7eKBv5v2d.A--~A

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgvPu8TRF7aag.yVoFlhNQAA%26557

Request Chain 95

https://px.surveywall-api.survata.com/k HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=f62f4bb5-ec28-d8f7-c318-ec539cf880d8

Request Chain 97

https://usermatch.krxd.net/um/v2?partner=simplifi&gdpr=0 HTTP 302
https://um.simpli.fi/krux?kuid=Oqg1X1CP&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=C824844A0F5A4A9DBDA64438B1DDBE86

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request channeloffer Show response
cm.usatoday.com/
Redirect Chain

https://cl.exct.net/?qs=a785ec11179647916b0e02703497f77618c5e42692e069f8884c74867a684e492257f7afd1e9f4bae14da4c96261447c00bbcee18f259b1e4c199ef7e58b37d8
https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225

49 KB
12 KB

35ms
12ms

Document
text/html

151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fbc242c0947e826aa88192372d935ef19826b6c0224464ac8ebcabdf8ac072b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=7200, stale-while-revalidate=7200
accept-ranges: bytes
date: Tue, 15 Feb 2022 16:07:22 GMT
age: 2196
x-abvariant: W-C3
x-cache: HIT
x-timer: S1644941242.376035,VS0,VE1
vary: Origin, Accept-Encoding,gnt_eid,X-AbVariant
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-length: 12017

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Content-Length: 316
Expires: Tue, 15 Feb 2022 16:07:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:22 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 05:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 05:30:27 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 46ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zadN1tnUFXNBOXe6vsJdDg==
age: 11035
vary: Accept-Encoding
content-length: 6456
x-ms-lease-status: unlocked
last-modified: Mon, 14 Feb 2022 20:23:09 GMT
server: cloudflare
etag: 0x8D9EFF7D142D80D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7c085628-101e-0102-0cf9-219c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ddfc9ed485c713e-YUL

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 50ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kdqkvU4KECv4erbHaj7Yfg==
age: 10724
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 21 Dec 2021 17:26:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2b9e0f7-501e-006c-1ca4-f67335000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ddfc9ed485e713e-YUL

GET
H2 200 moment-with-locales.min.js Show response
cm.usatoday.com/node_modules/moment/min/ 345 KB
73 KB 13ms
12ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/moment/min/moment-with-locales.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1dea4239710130a1f91999a3d345b2a0c83ef418de660e94d834ff585a14e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 43674
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.416644,VS0,VE1
content-length: 74595

GET
H2 200 moment-timezone-with-data.min.js Show response
cm.usatoday.com/node_modules/moment-timezone/builds/ 180 KB
27 KB 31ms
30ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/moment-timezone/builds/moment-timezone-with-data.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 05 Apr 2017 04:18:56 GMT
age: 43053
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.416842,VS0,VE2
content-length: 27453

GET
H2 200 fetch.umd.js Show response
cm.usatoday.com/node_modules/whatwg-fetch/dist/ 14 KB
4 KB 34ms
33ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/whatwg-fetch/dist/fetch.umd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 29384
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.416979,VS0,VE2
content-length: 3954

GET
H2 200 polyfill.min.js Show response
cm.usatoday.com/node_modules/promise-polyfill/dist/ 3 KB
1 KB 33ms
32ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/promise-polyfill/dist/polyfill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sun, 12 Aug 2018 19:28:53 GMT
age: 34628
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.417372,VS0,VE1
content-length: 1168

GET
H2 200 polyfill.js Show response
cm.usatoday.com/node_modules/custom-event-polyfill/ 1 KB
799 B 35ms
34ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/custom-event-polyfill/polyfill.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a0b225188931108f495d6a291af4bbbadc9255d972690bbc60c2e6913699f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:18:39 GMT
age: 21909
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.417888,VS0,VE1
content-length: 652

GET
H2 200 url-search-params.js Show response
cm.usatoday.com/node_modules/url-search-params/build/ 7 KB
2 KB 34ms
33ms Script
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/url-search-params/build/url-search-params.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 21909
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941242.417900,VS0,VE1
content-length: 2035

GET
H2 200 8b8431c55803cbf1363e80a44304c7dc.js Show response
try.abtasty.com/ 151 KB
43 KB 66ms
19ms Script
application/javascript 13.225.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-7.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: c52d2c68897b2b9de0d741a9b09ed5b4f23c5cf3493910f2270ce7c183bc82d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:28:02 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 14:25:00 GMT
server: CloudFront
age: 6133
etag: W/"4a5c78b862128b6b8a32cddac6555d3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: Eakabgm4PADUkKweLOENfhZtpg5qoFTyUchMPIpQs3TTe72h2pbHWA==

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/ 2 KB
2 KB 17ms
15ms Image
image/svg+xml 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/logo-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=NfvTuA==, md5=rixp6c7I+EFcD/KrijDFlQ==
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "ae2c69e9cec8f8415c0ff2ab8a30c595"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 880776
x-amz-meta-goog-reserved-file-mtime: 1521817516
x-guploader-uploadid: ADPycdtgjFg8Q0fpXlNXFoxE5TYsvLOcY255a33oHYMUUpiAm_nbNA0c213TA6g3Kp4svq7G-cr2Ase7C7lBsDPhOcP2fIsj5A
x-cache: HIT, HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1052
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5180-BWI, cache-iad-kiad7000140-IAD, cache-yul12833-YUL
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.261_19-cbe7e294a73aa71e8998d4313a5bf758
last-modified: Mon, 18 Feb 2019 22:02:27 GMT
server: UploadServer
x-timer: S1644941243.567337,VS0,VE1
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 07 Dec 2021 08:02:06 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2, 1

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 50ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cm.usatoday.com/
Origin: https://cm.usatoday.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2493682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bOFZgR6Kertub2UaJ3b7K8PAK1rU7alWq0w4%2B2e%2FVt1j0ct8kc6pxe3QGQCJI%2FAxEv6TN4WtdEsdlP%2BfXohxGvr6oFJylkps4eRFZ%2FbiQowi5VbZJJJI7xZ%2FwW5q0CRObJ08YN8w6A6JGgZvHVG4j5o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ddfc9edaa26ecea-YUL
expires: Sun, 05 Feb 2023 16:07:22 GMT

GET
H2 200 offer-default.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/ 7 KB
8 KB 16ms
14ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/offer-default.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81373
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdtkaSqm27aWrjNxIaPvfcPtrC2tlBjs0uFEJdIhvX1SCBi9d6rN-XYY31Gg8nNPdSWdayncRLjy1Z8uX3lGQoQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 7618
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:33:59 GMT
server: UploadServer
x-timer: S1644941243.568151,VS0,VE0
etag: "c701e540ac8ce92a3742996fc2c284ea"
x-goog-hash: crc32c=80/vLQ==, md5=xwHlQKyM6So3QplvwsKE6g==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:31:09 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 89

GET
H2 200 benefits-1.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 127 KB
128 KB 24ms
22ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-1.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a6233fd94cfc29fa571fea33e7dc16418dd89e369d618866449faf76a5943746

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81373
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdvEQA4eyUg_3QW3YP0c5yosuU6AZhDUs62Fgg4m8qy1UE2XX5hvFO_kp1WSqf3z_CFdqtZYkGQkC896YfD5tyM
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 130419
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1644941243.568568,VS0,VE1
etag: "54bab8ff84ad0c7120eda80c143acea3"
x-goog-hash: crc32c=DXtxkA==, md5=VLq4/4StDHEg7agMFDrOow==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:31:09 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 benefits-2.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 122 KB
123 KB 16ms
14ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-2.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: df0b018622c8c31a9b7490cdc160369751f33a557d1346a67308bb04df5ee463

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81373
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdvcUX_aw2Hkb34vbkJlx7UCH1HNQQeP94HtiNnJ5MPaOeDslLzlEGerdTr4Ju6Dyewc7XyKnO7GZOA4R9aGgtE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 125335
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1644941243.568206,VS0,VE0
etag: "8fb9488c7e44c03d21cb7393d831105f"
x-goog-hash: crc32c=Hx76XA==, md5=j7lIjH5EwD0hy3OT2DEQXw==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:31:09 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 benefits-3.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 111 KB
112 KB 23ms
21ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-3.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 784ae837d6e9e378b9ea968c162d63f5e89930ef939a5dca6b8e5701efcb6002

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81373
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycds-nRDfjbvUxYzxo9b3VUjlqAGGK4EbrQmY8rIHdjhix3GcT8wCiI2v5-CDaJKAot0s1Mqx4Dpk3c2JGyo4HOM
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 113719
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1644941243.568551,VS0,VE0
etag: "29d3d0d7054803c6cf8d16cb04f03fcb"
x-goog-hash: crc32c=488c4g==, md5=KdPQ1wVIA8bPjRbLBPA/yw==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:31:10 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 benefits-4.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 117 KB
117 KB 23ms
22ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-4.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0f9487771b00549f6a2350d2649053e7f25f457fca025b65ebf9165353f6f2d6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81372
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycduLyg-jeSxyrwcuyverUvEgA2rByLyEoTZf4SvC_5gDeX41ex5nrQ7V6udHAw7SnfV1zFW_3-ruOT5IWWpZ1tg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 119671
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:01 GMT
server: UploadServer
x-timer: S1644941243.568532,VS0,VE0
etag: "56305e4c922cf783a10e6292f265fed2"
x-goog-hash: crc32c=fyvsgQ==, md5=VjBeTJIs94OhDmKS8mX+0g==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:31:09 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 9

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 145 KB
45 KB 12ms
10ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6cf0f3beaa00e1aa949ad82c63c4f67d6b6043bfc06e97536564cb04595d6801

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=ndDZpg==, md5=F8FFHIk2kCkNtICsW7t0kQ==
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3330
x-amz-meta-goog-reserved-file-mtime: 1644599473
x-guploader-uploadid: ADPycduxxv07n9gpkpUb1O2vWjUUayqPB3AZQPxX31ykKGbajFXyA9xZlM9hYGNQcU_zVFr4gb2t0y9rv85PiyRYqJg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 45755
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200044-IAD, cache-yul12833-YUL
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.261_19-cbe7e294a73aa71e8998d4313a5bf758
last-modified: Fri, 11 Feb 2022 17:11:36 GMT
server: UploadServer
x-timer: S1644941243.511192,VS0,VE0
etag: "17c1451c893690290db480ac5bbb7491"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 14:11:52 GMT
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 136

GET
H2 200 5eaec3d6-175d-498f-a6a7-ec66eb9b9673.json Show response
cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/ 4 KB
2 KB 42ms
20ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/5eaec3d6-175d-498f-a6a7-ec66eb9b9673.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dad9cf09aef7927304c34d58fdf391b8e0ddcab2cbef4c8a6c8870c2aa128cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iaVwtYRhEM58NEGdzeeckA==
age: 7177
vary: Accept-Encoding
content-length: 1607
x-ms-lease-status: unlocked
last-modified: Fri, 04 Feb 2022 14:14:57 GMT
server: cloudflare
etag: 0x8D9E7E8B9404D8D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e71e0d94-b01e-00aa-14d1-190e09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ddfc9edf886ca67-YUL
expires: Tue, 15 Feb 2022 20:07:22 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 166 B
374 B 54ms
24ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a280e864b87587efb0dad5227e1e3c55a72cc15ad6f1aa76766bb6128118ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ddfc9ee3dedecfa-YUL

GET
H2 200 moment-with-locales.min.js
cm.usatoday.com/node_modules/moment/min/ 345 KB
73 KB 18ms
16ms Other
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/moment/min/moment-with-locales.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1dea4239710130a1f91999a3d345b2a0c83ef418de660e94d834ff585a14e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 43674
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941243.585931,VS0,VE1
content-length: 74595

GET
H2 200 moment-timezone-with-data.min.js
cm.usatoday.com/node_modules/moment-timezone/builds/ 180 KB
27 KB 21ms
20ms Other
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/moment-timezone/builds/moment-timezone-with-data.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 05 Apr 2017 04:18:56 GMT
age: 43053
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941243.586212,VS0,VE0
content-length: 27453

GET
H2 200 fetch.umd.js
cm.usatoday.com/node_modules/whatwg-fetch/dist/ 14 KB
4 KB 23ms
23ms Other
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/whatwg-fetch/dist/fetch.umd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 29384
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941243.586688,VS0,VE0
content-length: 3954

GET
H2 200 polyfill.min.js
cm.usatoday.com/node_modules/promise-polyfill/dist/ 3 KB
1 KB 21ms
21ms Other
text/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.usatoday.com/node_modules/promise-polyfill/dist/polyfill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sun, 12 Aug 2018 19:28:53 GMT
age: 34628
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: public, max-age=7200, stale-while-revalidate=7200
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1644941243.586313,VS0,VE0
content-length: 1168

GET
H2 200 UnifySans_W_Rg.woff2
staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/ 16 KB
16 KB 37ms
14ms Font
application/octet-stream 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/UnifySans_W_Rg.woff2
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Request headers

Referer: https://cm.usatoday.com/
Origin: https://cm.usatoday.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81525
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdsgHyGNqdfp3Ywu2dBDDoV59u3WtmL76GiOQEXvPE4OpqVra7C3BSUzDz7wtbupUc_Vzn3HbHGn_2SyDXvghnkFYQ8h5w
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 16620
x-served-by: cache-yul12820-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:33:48 GMT
server: UploadServer
x-timer: S1644941243.640334,VS0,VE0
etag: "3813aba0274244941c060a0cba29c5a2"
x-goog-hash: crc32c=0TAa6g==, md5=OBOroCdCRJQcBgoMuinFog==
content-type: application/octet-stream
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:28:38 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 UnifySans_W_SBd.woff2
staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/ 17 KB
18 KB 36ms
13ms Font
application/octet-stream 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/UnifySans_W_SBd.woff2
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Request headers

Referer: https://cm.usatoday.com/
Origin: https://cm.usatoday.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 81525
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdsonZuXO_fvos4pPh_IeGy-tYvme5suJqTW9Ckv-S_TUUGyFcyWgXBEyeD3QMPdssjfIcePvztcSEdwv8B_sYup_ySN_A
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 17876
x-served-by: cache-yul12820-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:33:48 GMT
server: UploadServer
x-timer: S1644941243.640457,VS0,VE0
etag: "eec61fc37ea7dff16e6503e33ab66949"
x-goog-hash: crc32c=p0JC6w==, md5=7sYfw36n3/FuZQPjOrZpSQ==
content-type: application/octet-stream
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:28:37 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 157 B
434 B 51ms
29ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ddfc9eeab577145-YUL
access-control-allow-headers: Content-Type

GET
H2 200 USAT-TEALIUM-CMSP.json Show response
www.gannett-cdn.com/dcc/prod/ 41 KB
7 KB 11ms
11ms XHR
application/json 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/USAT-TEALIUM-CMSP.json

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9d2013b9dee70b1e237c2da3d0e502da502a0f126914734b6464362bc1ae0d1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=aISnNQ==, md5=c/8PYrliTeEAZqKPOE7U4g==
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "73ff0f62b9624de10066a28f384ed4e2"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3091
x-amz-meta-goog-reserved-file-mtime: 1644594441
x-guploader-uploadid: ADPycds9Hy-PVjwfvK7vq4sUwZUuGotejTbJxJPsyvaboW3-GOLbUY6Q8ZB2Ahfs8Jh6WPaF7EfdgQkAFDybOfulVfQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 6495
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200109-IAD, cache-yul12820-YUL
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.261_19-cbe7e294a73aa71e8998d4313a5bf758
last-modified: Fri, 11 Feb 2022 16:01:48 GMT
server: UploadServer
x-timer: S1644941243.666236,VS0,VE0
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Fri, 11 Feb 2022 16:03:16 GMT
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 61

GET
H2 200 / Show response
user.usatoday.com/USAT-GUP/user/ 971 B
2 KB 338ms
337ms Fetch
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.usatoday.com/USAT-GUP/user/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a96e26711777ea218cbcc77a70836de22121ea3922343f1ece80798ee7987522

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://login.usatoday.com/
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://login.usatoday.com/

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://login.usatoday.com/
via: 1.1 varnish
x-content-type-options: nosniff
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-cache-hits: 0
content-length: 971
x-served-by: cache-yul12833-YUL
referrer-policy: same-origin
server: nginx
x-frame-options: ALLOW-FROM https://login.usatoday.com/
date: Tue, 15 Feb 2022 16:07:22 GMT
vary: Origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: https://cm.usatoday.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Tue, 15 Feb 2022 16:07:22 GMT

GET
H2 200 white-chat-icon.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/ 2 KB
2 KB 17ms
16ms Image
image/png 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/white-chat-icon.png
Requested by: Host: cm.usatoday.com
URL: https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a62238516566121bc6728cf24407e1705d43f61044ee02c5ffef99edb2a11e1e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
via: 1.1 varnish
age: 80425
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdvxoJCvo_R4d0NtnlCIBz_EOt3ydHKhJ_p0dCbyjGLPi5_layL_AL5meRfvYF9NPTiQOEOoXFuvaLWGAiXpjtc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 1849
x-served-by: cache-yul12833-YUL
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:02 GMT
server: UploadServer
x-timer: S1644941243.697919,VS0,VE1
etag: "7f876d837b7424505e1e334ba6d1fe76"
x-goog-hash: crc32c=2gFSiA==, md5=f4dtg3t0JFBeHjNLptH+dg==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 14 Feb 2022 17:46:57 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.9b88f3e28f8a23ecec21.js
try.abtasty.com/shared/ 0
9 KB 24ms
23ms Other
application/javascript 13.225.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.9b88f3e28f8a23ecec21.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-7.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:51:38 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 14:50:12 GMT
server: CloudFront
age: 436545
etag: W/"ba0697439ce5ccde5cc78d99eacd630c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: 8Z4R-whsfBwz8EPlb1d2XGnil2R0it7vG4DNtS-5PaRPI9jA4DCLcA==

GET
H2 200 analytics.9b88f3e28f8a23ecec21.js Show response
try.abtasty.com/shared/ 33 KB
9 KB 18ms
18ms Script
application/javascript 13.225.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.9b88f3e28f8a23ecec21.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-7.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 428d6044d1381e56c3e73ba1f8820e3286b96ab151a9fc1e614c6a1c34bc56b3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:51:38 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 14:50:12 GMT
server: CloudFront
age: 436545
etag: W/"ba0697439ce5ccde5cc78d99eacd630c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: S0DmvH3rTBGBmprH9u7x7DthYPDLFJ1TadE6OFjFH_IiuwTtnVISAg==

POST
H2 200 geoip Show response
dcinfos-cache.abtasty.com/v1/ 414 B
360 B 73ms
48ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/geoip

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

9178e6e0988fe06c13f2ecb0ef60c720635cf7d722388f7bb641dfcfb61b745d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 0
x-cache: miss uncacheable
x-restart: 0
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
access-control-allow-origin: *
server: -
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
vary: Accept-Encoding
cache-control: private, max-age=600
accept-ranges: bytes

POST
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 119 B
393 B 70ms
45ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

11e8806a9004505843075b79b36292b85f1d8c5c03316bf0a2e6fc02e58c38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 19:05:05 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 75737
x-cache: hit cached
x-restart: 0
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
access-control-allow-origin: *
server: -
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.28.0/ 324 KB
77 KB 17ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.28.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uLX5MH+Q3LyO9KMWLS7oIw==
age: 9910
vary: Accept-Encoding
content-length: 78871
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 10:47:32 GMT
server: cloudflare
etag: 0x8D9EC82BE23B55F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2a7b00d-901e-003e-4071-1e6ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ddfc9ef2aab713e-YUL

GET
H2 200 p.js Show response
cdn.parsely.com/keys/usatoday.com/ 71 KB
25 KB 65ms
20ms Script
application/javascript 13.225.58.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/usatoday.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.58.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-58-39.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Feb 2022 22:33:15 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 14:30:41 GMT
server: nginx
age: 63247
etag: W/"609be691-11d9d"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: yPXWeJgWFFU9JL7LPY590QzDw6JrOw0TNjtIT7cnQtLp5Ce5lriviw==
expires: Tue, 15 Feb 2022 22:33:15 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/4fa301a2-8f58-4f01-a5a1-2b90b3215819/ 168 KB
27 KB 27ms
27ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/4fa301a2-8f58-4f01-a5a1-2b90b3215819/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.28.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ecb97d0f7bceacce18a955d045c9f8b6b994038c5ac5b40dae272d8d98cc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PPP8Y+zeS6ymXX1q1FQq6Q==
age: 7176
vary: Accept-Encoding
content-length: 27170
x-ms-lease-status: unlocked
last-modified: Fri, 04 Feb 2022 14:16:01 GMT
server: cloudflare
etag: 0x8D9E7E8DF3DB016
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 662530d5-801e-006e-14d1-1971cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ddfc9ef8a6fca67-YUL
expires: Tue, 15 Feb 2022 20:07:22 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.28.0/assets/ 20 KB
4 KB 21ms
21ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.28.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.28.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 5513
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 10:47:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 115a474e-301e-007c-168c-1e45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ddfc9effac2ca67-YUL

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 70ms
19ms Script
application/javascript 13.225.230.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-19.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 01:15:25 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 53522
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: 2zSpsdkCMkbO9cNfcpJbBVMJuFNzbdtci5EBaESQkdcq1HBwNnt4Gw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: dafSR8jqcE8Drs9UPaS9BShGwXTNWNK8tTj7J3uSAo3nr80wE5di7k7BkCnq27uKypFUGKokWIQrbWywYU0bZw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 15 Feb 2022 16:07:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
18ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6187
date: Tue, 15 Feb 2022 14:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Feb 2022 16:24:16 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 143 KB
45 KB 91ms
20ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45355
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 16:21:00 GMT

GET
H2 200 A2920824-78d2-4593-b257-ae490811f1a01.js Show response
d.impactradius-event.com/ 53 KB
16 KB 55ms
11ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7a647a3fc1d78ff4542178884f5fcdcb93a3ecb998f57165e6da925329dbc867

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:02:40 GMT
content-encoding: gzip
age: 283
x-guploader-uploadid: ADPycdsxCqglzfma9q-QmjW20O5XtWL_qRWvBihX8wjkeTRhswqM-FgSWLGfzkb6SEKy1OKTbfh6_p91YsM2iTfOuT-saRVy1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 15399
last-modified: Tue, 25 Jan 2022 20:28:00 GMT
server: UploadServer
etag: "7cb32ae42616f9335d4d4eb56e75d87b"
vary: Accept-Encoding
x-goog-hash: crc32c=IK0IRg==, md5=fLMq5CYW+TNdTU61bnXYew==
x-goog-generation: 1643142480185499
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15399
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Tue, 15 Feb 2022 16:07:40 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 118ms
28ms Script
text/plain 34.198.46.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.46.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-46-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8ce71286009524bf5abcb4493d1768e626310caa844c2f8807c766d0dc7878bd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 16:07:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 12:32:54 GMT
Server: nginx
ETag: "61fbcb76-dd7"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3543
X-XSS-Protection: 1; mode=block
Expires: Wed, 16 Feb 2022 16:07:23 GMT

GET
H2 200 collect.js Show response
10870841.collect.igodigital.com/ 9 KB
2 KB 99ms
39ms Script
application/javascript 52.86.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10870841.collect.igodigital.com/collect.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-94-111.compute-1.amazonaws.com
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 18:44:20 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 suual7uwr.js Show response
cdn.krxd.net/controltag/ 38 KB
11 KB 46ms
10ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/suual7uwr.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4581e1bbe7a6ead422937416202d588a71111b4889ec40fdf2ce09a73e86636

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 893
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 11059
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200066-IAD, cache-yul12833-YUL
x-response-time: 1
x-do-esi: esi
x-timer: S1644941243.068433,VS0,VE0
etag: "4a904e523a52a6535434db00812b790c5b675da0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 622

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 90ms
45ms Script
application/javascript 13.225.229.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.229.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-229-246.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: JFK51-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
x-amz-cf-id: 3n2fyadXFXoMwZpQc50m1HK4uks4eo5KsC6_Fc2yWizdFmuK5D_M0w==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 60ms
17ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:34:56 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000056-IAD, cache-lga21944-LGA

GET
H2 200 activity;xsp=4391520;ord=USAT
pubads.g.doubleclick.net/ 42 B
635 B 135ms
85ms Image
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4391520;ord=USAT?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 102ms
23ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644941243019&plid=65947384&idsite=usatoday.com&url=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%2C%22sevenDayReturn%22%3Afalse%2C%22_conversion_type%22%3A%22custom%22%2C%22_conversion_label%22%3A%22Offer+Views%22%7D&tagManager=gciAnalytics%3Aprod%3A0.195.1%3AUSAT-TEALIUM-CMSP&sid=1&surl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&sref=&sts=1644941242896&slts=0&title=Subscription+Offers%2C+Specials%2C+and+Discounts&date=Tue+Feb+15+2022+16%3A07%3A23+GMT%2B0000+(GMT)&action=conversion&u=pid%3D28a3466cfe9da9f194f17833a794c4b3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 16:07:23 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 15-Feb-2022 16:07:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 12ms
11ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suual7uwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
age: 17034553
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1648189
content-length: 84509
x-served-by: cache-yul12833-YUL
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644941243.091034,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

POST
H2 200 14143 Show response
gannett.sjv.io/xur/ 46 B
501 B 58ms
30ms XHR
application/json 35.227.211.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett.sjv.io/xur/14143
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.211.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 9f185ef2e009bc8b02530a4bbbfbbd0426e45e5eb16824cf1ad8ba19ba41c656

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://cm.usatoday.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 15 Feb 2022 16:07:23 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Dem...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3De...

0
224 B

25ms
25ms

Image
text/plain

13.225.230.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&ns__t=1644941243113&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&c9=
Protocol: H2
Server: 13.225.230.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-19.jfk51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: ddqgzJC-BWAWIc4nkvWntsAX7dvDAkR00dbEHj0EWYITjOe63tY1tA==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&ns__t=1644941243113&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&c9=
content-length: 607
x-amz-cf-id: CCwIQQkb8QC6aaq6RzGT4Fj779khGbQ4HqLgS4Iz3KYCtFQcRmZTcA==

GET
H2 200 1613278598987210 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1613278598987210?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35198b9e249e64807e199afa0c5e2d12f658a62ca1af917485f7596fa28729da

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89506
x-xss-protection: 0
pragma: public
x-fb-debug: 3STd3IxlV/XgH4zu0a2FVGKJ0ppNNTn62wL0WfkWuFCneCRhSKl7+1cye1ix4zK5nCVYIvIv+7ietfnZ2GvdKw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Tue, 15 Feb 2022 16:07:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 135ms
46ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6it1&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a7be77de-61eb-444a-b561-5856994da080&tw_document_href=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 8
date: Tue, 15 Feb 2022 16:07:22 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: edcd1ad916b9350f9788bffad3baf1f927a670ee56fb09702e59f9596ee4c2ed
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
336 B 150ms
52ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6it1&events=%5B%5B%22pageview%22%2C%7B%22currency%22%3A%22USD%22%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a7be77de-61eb-444a-b561-5856994da080&tw_document_href=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 7
date: Tue, 15 Feb 2022 16:07:22 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 523cb918ba4fa61abb3e6d08c579b593f92eaacef8e11205c6e71e4c39ff2b57
content-length: 43

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 50ms
20ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Feb 2022 16:12:09 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 6982 805 B
827 B 11ms
10ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 varnish
age: 21791763
x-served-by: cache-yul12833-YUL
x-cache: HIT
x-cache-hits: 570675
x-timer: S1644941243.204565,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 70ms
41ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=83ed99d9-8377-45aa-ba76-e017d4d8e602

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

0ff597340e3520ca2d7e3d89bb2f130667e05f7355b554d20f0005ac136344d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H3 200 i Show response
tr.snapchat.com/cm/ Frame 1EAD 672 B
688 B 66ms
53ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/

Response headers

server: nginx/1.17.3
date: Tue, 15 Feb 2022 16:07:23 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 optout_check Show response
beacon.krxd.net/ 61 B
221 B 76ms
26ms Script
text/javascript 52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: 9e25b49c9c99e629a847d4b3407562674d25579662e228494cc89f9f31789665

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=84 t=1644941243
x-served-by: beacon-n030-ash-prod.krxd.net
content-type: text/javascript

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ 237 B
430 B 40ms
10ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 varnish
age: 96
x-served-by: consumer-a013-ash-prod.krxd.net, cache-yul12825-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644941243.364864,VS0,VE0
content-length: 192
x-cache-hits: 0, 2

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
420 B 72ms
44ms Fetch
image/gif 34.102.161.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/shared/analytics.9b88f3e28f8a23ecec21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

- /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-decorator-operation: -
server: -
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Tue, 15 Feb 2022 16:07:23 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://cm.usatoday.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
via: 1.1 google

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 50ms
19ms Stylesheet
text/css 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 16:17:47 GMT

GET
H3 200 444277530343501 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 28ms
25ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/444277530343501?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d5450658a60866c8f550963b4ddf0b25cd2093ca2b6b5b508ae1902c2f3352b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89474
x-xss-protection: 0
pragma: public
x-fb-debug: O8uDeyK8iNRniZWVa5nVlxEYUKA0W9TEo+kiY16O6J6gQPIJHPYNDzmNe1lKkYEXirk7UuPRos0polsnaSoS6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Feb 2022 16:07:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 67ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1613278598987210&ev=ViewContent&dl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&rl=&if=false&ts=1644941243397&cd[currency]=USD&cd[content_type]=product&cd[fbp]=&cd[external_id]=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644941243394.1005493922&it=1644941243128&coo=false&eid=product-view-e157d28b-da32-47bf-aaa1-ed3d61a9051f&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 15 Feb 2022 16:07:23 GMT

POST
H3 200 p Show response
tr.snapchat.com/ Frame 0B90 0
14 B 51ms
50ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://cm.usatoday.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/

Response headers

server: nginx/1.17.3
date: Tue, 15 Feb 2022 16:07:23 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 36ms
35ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=811453185&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&ul=en-us&de=UTF-8&dt=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscribe&ea=subscription%20impression&el=from%3A%20%2Fchanneloffer&_u=aHBAAEIJEAAAAC~&jid=774160639&gjid=1862388981&cid=1129934809.1644941243&tid=UA-166840762-3&_gid=1943501429.1644941243&_r=1&_slc=1&cd166=1&cd5=4%3A00%20pm&cd6=0&cd25=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&cd58=&cd62=null&cd64=null&cd63=null&cd1=product-view&cd72=8&cd159=36&cd2=gciAnalytics%3Aprod%3A0.195.1%3AUSAT-TEALIUM-CMSP&cd3=0.195.1&cd76=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&cd45=desktop&cd49=cmsp&cd91=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&cd77=USAT-E&cd47=EXEMLP2UFSLU1&cd95=McLean%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-CMSP&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&cd4=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&cd41=NA&cd11=na%7Canonymous%7Cna%7Cna%7Cna&cd165=na%7Canonymous%7Cna%7Cna%7Cna&cd169=000&cd170=000&cd40=1&cd160=null&cd42=null&cd8=unauthenticated&cd90=0&cd33=anonymous&cd7=1129934809.1644941243.87127104&cd44=1129934809.1644941243&pa=detail&il1pi1br=USA%20TODAY&il1pi1cd166=1&il1pi1cd5=4%3A00%20pm&il1pi1cd6=0&il1pi1cd25=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&il1pi1cd58=&il1pi1cd62=null&il1pi1cd64=null&il1pi1cd63=null&il1pi1cd1=product-view&il1pi1cd72=8&il1pi1cd159=36&il1pi1cd2=gciAnalytics%3Aprod%3A0.195.1%3AUSAT-TEALIUM-CMSP&il1pi1cd3=0.195.1&il1pi1cd76=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&il1pi1cd45=desktop&il1pi1cd49=cmsp&il1pi1cd91=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&il1pi1cd77=USAT-E&il1pi1cd47=EXEMLP2UFSLU1&il1pi1cd95=McLean%2C%20VA&il1pi1cd68=VA&il1pi1cd67=usatoday&il1pi1cd43=&il1pi1cd28=USAT&il1pi1cd99=Gannett&il1pi1cd162=A&il1pi1cd79=USAT-TEALIUM-CMSP&il1pi1cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&il1pi1cd4=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&il1pi1cd41=NA&il1pi1cd11=na%7Canonymous%7Cna%7Cna%7Cna&il1pi1cd165=na%7Canonymous%7Cna%7Cna%7Cna&il1pi1cd169=000&il1pi1cd170=000&il1pi1cd40=1&il1pi1cd160=null&il1pi1cd42=null&il1pi1cd8=unauthenticated&il1pi1cd90=0&il1pi1cd33=anonymous&il1pi1cd7=1129934809.1644941243.87127104&il1pi1cd44=1129934809.1644941243&z=1118548933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cm.usatoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 suual7uwr.js Show response
cdn.krxd.net/controltag/ Frame 6982 38 KB
11 KB 12ms
10ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/suual7uwr.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4581e1bbe7a6ead422937416202d588a71111b4889ec40fdf2ce09a73e86636

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 varnish, 1.1 varnish
age: 894
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 11059
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kcgs7200066-IAD, cache-yul12833-YUL
x-response-time: 1
x-do-esi: esi
x-timer: S1644941243.466772,VS0,VE0
etag: "4a904e523a52a6535434db00812b790c5b675da0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 623

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 123ms
51ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-166840762-3&cid=1129934809.1644941243&jid=774160639&gjid=1862388981&_gid=1943501429.1644941243&_u=aHBAAEIIEAAAAC~&z=282608804

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cm.usatoday.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Feb 2022 16:07:23 GMT
content-type: text/plain
access-control-allow-origin: https://cm.usatoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 319 B
463 B 13ms
13ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&technographics=1&callback=Krux.ns.gannett.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae373df001aea150fb77536379792bdd166c9d3f38c699aae364fa6f8ef9ce3f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
age: 28
x-served-by: userdata-a017-ash-prod.krxd.net, cache-yul12833-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
x-age: 0
accept-ranges: bytes
x-timer: S1644941244.500245,VS0,VE1
content-length: 249
x-cache-hits: 0, 1

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 1EAD 18 KB
7 KB 18ms
18ms Script
application/javascript 13.225.229.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=83ed99d9-8377-45aa-ba76-e017d4d8e602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.229.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-229-246.jfk51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 20:02:06 GMT
content-encoding: gzip
server: CloudFront
age: 72317
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: JFK51-C1
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
x-amz-cf-id: XtkE3t2UALl5jIt12sH41iZjym2_laxFqVxHf467-ZzBrEB8hKaIOw==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 39ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444277530343501&ev=Universal_ViewContent&dl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&rl=&if=false&ts=1644941243504&cd[currency]=USD&cd[content_type]=product&cd[fbp]=&cd[external_id]=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644941243394.1005493922&it=1644941243128&coo=false&eid=product-view-e157d28b-da32-47bf-aaa1-ed3d61a9051f&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 16:07:23 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 6982 259 KB
83 KB 11ms
11ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suual7uwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 15 Feb 2022 16:07:23 GMT
content-encoding: gzip
age: 17034553
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1648191
content-length: 84509
x-served-by: cache-yul12833-YUL
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644941244.513986,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame B0E3
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1644941243522
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644934985779%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1644934985779%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1644934985779&pnid=140&pcid=00f1f7a4-c786-4add-812a-ba6fb145f62d

0
15 B

55ms
54ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1644934985779&pnid=140&pcid=00f1f7a4-c786-4add-812a-ba6fb145f62d

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Tue, 15 Feb 2022 16:07:23 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Tue, 15 Feb 2022 16:07:23 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1644934985779&pnid=140&pcid=00f1f7a4-c786-4add-812a-ba6fb145f62d
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ Frame 6982 222 B
302 B 29ms
28ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 346b7de0f319b90fb929eb750bf47df6bb1aa7809769b497d46de3a1ff474f6a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a018-ash-prod.krxd.net, cache-yul12825-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644941244.571734,VS0,VE19
content-length: 184
x-cache-hits: 0, 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FnMVgxQ1A
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEyL0ysdB3OnMaDLtyCzRZU&google_cver=1

0
337 B

23ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEyL0ysdB3OnMaDLtyCzRZU&google_cver=1
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1644941243
x-served-by: beacon-n032-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEEyL0ysdB3OnMaDLtyCzRZU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FnMVgxQ1A
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ8OVgQPkodAOQNBXaUq6xM&google_cver=1

0
337 B

24ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ8OVgQPkodAOQNBXaUq6xM&google_cver=1
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1644941243
x-served-by: beacon-n030-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ8OVgQPkodAOQNBXaUq6xM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 6982 42 B
447 B 67ms
41ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Oqg1X1CP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://stags.bluekai.com/site/26357?id=Oqg1X1CP&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqg1X1CP%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=Oqg1X1CP&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

23ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=Oqg1X1CP&partner=bluekai&bk_uuid=$_BK_UUID
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1644941243
x-served-by: beacon-n029-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=Oqg1X1CP&partner=bluekai&bk_uuid=$_BK_UUID
Date: Tue, 15 Feb 2022 16:07:23 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 204 load
loadm.exelator.com/ Frame 6982 0
324 B 82ms
27ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=Oqg1X1CP&p=204&g=270&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6982 64 B
442 B 58ms
55ms Image
image/gif 13.225.230.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=Oqg1X1CP&rn=1644941244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.230.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-19.jfk51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 9936e6170e9ea67a9517d77d7f053dba.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 1hN_qIVyN1DOyppCNklXbdPmRd3o0j_MgUHAG5woLXHHvhqHt1ZyLA==

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 6982
Redirect Chain

https://ps.eyeota.net/match?bid=i0r4o4v&uid=Oqg1X1CP
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=Oqg1X1CP

70 B
440 B

26ms
24ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=Oqg1X1CP
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 16:07:23 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=i0r4o4v&uid=Oqg1X1CP
Date: Tue, 15 Feb 2022 16:07:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8739849536602494545

0
337 B

23ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=8739849536602494545
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1644941243
x-served-by: beacon-n028-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 805ce4c7-4e6f-451d-925e-46dd708e0e69
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=8739849536602494545
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6982
Redirect Chain

https://ib.adnxs.com/mapuid?member_id=1780&user=Oqg1X1CP
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOqg1X1CP

43 B
834 B

31ms
30ms

Image
image/gif

68.67.181.202
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOqg1X1CP

Protocol

HTTP/1.1

Server

68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 2ecacae2-1820-46d5-b319-cad66936f895
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 4d0d4d3f-fa62-4441-b98f-de6e77378dc6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOqg1X1CP
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
43ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=1129934809.1644941243&jid=774160639&_u=aHBAAEIIEAAAAC~&z=159596781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 96ms
44ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-3&cid=1129934809.1644941243&jid=774160639&_u=aHBAAEIIEAAAAC~&z=159596781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Oqg1X1CP&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=8c62620b-cfbc-4000-8c2e-3045f1eb34e9

0
337 B

24ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=8c62620b-cfbc-4000-8c2e-3045f1eb34e9
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=18 t=1644941243
x-served-by: beacon-n023-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Tue, 15 Feb 2022 16:07:23 GMT
Server: MT3 4133 baa842e master ord-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=8c62620b-cfbc-4000-8c2e-3045f1eb34e9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Feb 2022 16:07:22 GMT

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oqg1X1CP

43 B
656 B

138ms
97ms

Image
image/gif

13.225.230.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oqg1X1CP
Protocol: H2
Server: 13.225.230.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-230-56.jfk51.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 16:07:23 GMT
via: 1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK51-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: LLvZ6iAXHNWLNDpmTRgiR2k2NDOSBf_Kmx97mUNUe64kNbuuN0rSIw==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oqg1X1CP
date: Tue, 15 Feb 2022 16:07:23 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0&dcc=t

43 B
932 B

46ms
46ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0&dcc=t

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TG4AAATQDTM6QTR8Y3S6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6Q8B52GB1VRWDEK2RT3X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=Oqg1X1CP&gdpr=0&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 6982 0
655 B 108ms
24ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://sync.go.sonobi.com/usc.gif?https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=[UID]
https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=31bebef0-eee4-4344-bef7-e6e1f1aa5d6d

0
337 B

23ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=31bebef0-eee4-4344-bef7-e6e1f1aa5d6d
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1644941243
x-served-by: beacon-n026-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-79
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=31bebef0-eee4-4344-bef7-e6e1f1aa5d6d
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6982 43 B
118 B 54ms
53ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=Oqg1X1CP&p_id=10623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 7
date: Tue, 15 Feb 2022 16:07:23 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: edcd1ad916b9350f9788bffad3baf1f927a670ee56fb09702e59f9596ee4c2ed
content-length: 43

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=Oqg1X1CP
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-w4ZaffZE2puhq3VZYkbYahS7eKBv5v2d.A--~A

0
337 B

25ms
24ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-w4ZaffZE2puhq3VZYkbYahS7eKBv5v2d.A--~A
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1644941243
x-served-by: beacon-n002-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 15 Feb 2022 16:07:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-w4ZaffZE2puhq3VZYkbYahS7eKBv5v2d.A--~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgvPu8TRF7aag.yVoFlhNQAA%26557

0
337 B

24ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgvPu8TRF7aag.yVoFlhNQAA%26557
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=23 t=1644941243
x-served-by: beacon-n011-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 16:07:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YgvPu8TRF7aag.yVoFlhNQAA%26557
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 283
Expires: Tue, 15 Feb 2022 16:07:23 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://px.surveywall-api.survata.com/k
https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=f62f4bb5-ec28-d8f7-c318-ec539cf880d8

0
337 B

26ms
24ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=f62f4bb5-ec28-d8f7-c318-ec539cf880d8
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1644941243
x-served-by: beacon-n034-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Tue, 15 Feb 2022 16:07:23 GMT
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Server: nginx/1.19.2
X-Powered-By: Express
Content-Type: image/gif; charset=utf-8
Location: https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=f62f4bb5-ec28-d8f7-c318-ec539cf880d8
Referer: px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 6982 0
324 B 27ms
26ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=Oqg1X1CP&p=204&g=270&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6982
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=simplifi&gdpr=0
https://um.simpli.fi/krux?kuid=Oqg1X1CP&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=C824844A0F5A4A9DBDA64438B1DDBE86

0
337 B

23ms
23ms

Image
text/plain

52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=C824844A0F5A4A9DBDA64438B1DDBE86
Protocol: H2
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1644941243
x-served-by: beacon-n006-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 15 Feb 2022 16:07:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=C824844A0F5A4A9DBDA64438B1DDBE86
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 14 Feb 2022 16:07:23 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 24ms
23ms Image
text/plain 52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=suual7uwr&_kpid=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&_kcp_s=USATODAY.com-Web&_kcp_d=cm.usatoday.com&_knifr=2&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_web_user_anonymous_id=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&_kua_web_user_meter_state=na%7Canonymous%7Cna%7Cna%7Cna&_kua_web_user_status=unauthenticated&_kua_kx_whistle=0&_kpa_kx_context_terms=MBjJ-R3u%3A1&_kpa_url_path_1=channeloffer&_kpa_domain=usatoday.com&_kpa_utm_source=exacttarget&_kpa_utm_medium=email&_kpa_utm_campaign=EXEMLP2UFSLU1-72903225&_kpa_web_content_headline=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&_kpa_web_page_publishing_group=usatoday&_kpa_web_page_experience_type=desktop&_kpa_web_page_domain=cm.usatoday.com&_kpa_web_page_analytics_implementation=gciAnalytics%3Aprod%3A0.195.1%3AUSAT-TEALIUM-CMSP&_kpa_web_page_experience_version=cmsp&_kpa_web_user_anonymous_id=5bfc942c-8e79-11ec-ba41-3a61ae0e6772&_kpa_web_user_type=anonymous&t_navigation_type=0&t_dns=0&t_tcp=23&t_http_request=-1&t_http_response=1&t_content_ready=483&t_window_load=730&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=44647&kplt1=33512&kplt2=33513&kplt3=34784&jsonp_requests=https%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C151%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe88225a2-3b7b-45e3-9cc2-a3130b91f0db%2C125%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=82 t=1644941243
x-served-by: beacon-n039-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1613278598987210&ev=Microdata&dl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&rl=&if=false&ts=1644941243907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Subscription%20Offers%2C%20Specials%2C%20and%20Discounts%22%2C%22meta%3Adescription%22%3A%22Huge%20savings%3A%20don%27t%20miss%20these%20special%20subscription%20offers.%20Subscribe%20to%20%20today%20to%20get%20delivery%20of%20the%20print%20edition%2C%20the%20eNewspaper%2C%20or%20an%20ad-free%20digital%20subscription.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Special%20Subscription%20Offers%22%2C%22og%3Adescription%22%3A%22Huge%20Savings%3A%20Subscribe%20today%20to%20enjoy%20sports%2C%20entertainment%2C%20life%2C%20money%2C%20tech%2C%20and%20travel%20news%20along%20with%20videos%2C%20apps%2C%20and%20more.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fatoms.gannettdigital.com%2Fatoms-configs%2Fstatic%2Fcampaigns%2Fonsite_generic.png%3Ft%3D1644939046%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3FbarBuild%3Datoms-pid%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22ProductFODs%22%5D%2C%22name%22%3A%22usatoday%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644941243394.1005493922&it=1644941243128&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 16:07:23 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444277530343501&ev=Microdata&dl=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&rl=&if=false&ts=1644941244006&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Subscription%20Offers%2C%20Specials%2C%20and%20Discounts%22%2C%22meta%3Adescription%22%3A%22Huge%20savings%3A%20don%27t%20miss%20these%20special%20subscription%20offers.%20Subscribe%20to%20%20today%20to%20get%20delivery%20of%20the%20print%20edition%2C%20the%20eNewspaper%2C%20or%20an%20ad-free%20digital%20subscription.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Special%20Subscription%20Offers%22%2C%22og%3Adescription%22%3A%22Huge%20Savings%3A%20Subscribe%20today%20to%20enjoy%20sports%2C%20entertainment%2C%20life%2C%20money%2C%20tech%2C%20and%20travel%20news%20along%20with%20videos%2C%20apps%2C%20and%20more.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fatoms.gannettdigital.com%2Fatoms-configs%2Fstatic%2Fcampaigns%2Fonsite_generic.png%3Ft%3D1644939046%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3FbarBuild%3Datoms-pid%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22ProductFODs%22%5D%2C%22name%22%3A%22usatoday%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644941243394.1005493922&it=1644941243128&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 15 Feb 2022 16:07:24 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
239 B 24ms
23ms Script
text/javascript 52.4.155.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-155-217.compute-1.amazonaws.com
Software: /
Resource Hash: 48f0866f885da705492bde53ce15050b400f626cdad0ec136f91f8bf268b7129

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cm.usatoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:24 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=32 t=1644941244
x-served-by: beacon-n007-ash-prod.krxd.net
content-type: text/javascript

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 00:57:07	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.usatoday.com/	1970-01-20 09:41:17	Name: gnt_ub Value: 36
.usatoday.com/	1970-01-20 09:41:17	Name: gnt_sb Value: 8
.usatoday.com/	1970-01-20 00:56:02	Name: gnt_cz Value: h3g 0a1
.usatoday.com/	1970-01-20 00:56:02	Name: gnt_cc Value: montreal
cm.usatoday.com/	1970-01-20 09:41:17	Name: usprivacy Value: 1---
.usatoday.com/	1970-01-20 10:14:24	Name: ABTasty Value: uid=xt70vxgb5r3tm10j&fst=1644941242731&pst=-1&cst=1644941242731&ns=1&pvt=1&pvis=1&th=
.usatoday.com/	1970-01-20 00:55:43	Name: ABTastySession Value: mrasn=&sen=0&lp=https%253A%252F%252Fcm.usatoday.com%252Fchanneloffer%253Foffer%253DW-C3%2526bar%253Dtop%2526barBuild%253Datoms-pid%2526gps-source%253DEXEMLP2UFSLU1%2526utm_medium%253Demail%2526utm_source%253Dexacttarget%2526utm_campaign%253DEXEMLP2UFSLU1-72903225
.usatoday.com/	1970-01-20 00:55:43	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cm.usatoday.com/channeloffer?offer=W-C3&bar=top&barBuild=atoms-pid&gps-source=EXEMLP2UFSLU1&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP2UFSLU1-72903225%22%2C%22sref%22:%22%22%2C%22sts%22:1644941242896%2C%22slts%22:0}
.usatoday.com/	1970-01-20 00:57:07	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Feb+15+2022+16%3A07%3A22+GMT%2B0000+(GMT)&version=6.28.0&hosts=&landingPath=https%3A%2F%2Fcm.usatoday.com%2Fchanneloffer%3Foffer%3DW-C3%26bar%3Dtop%26barBuild%3Datoms-pid%26gps-source%3DEXEMLP2UFSLU1%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP2UFSLU1-72903225&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C5%3A1
.usatoday.com/	1970-01-20 09:41:17	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22pjwt%22%3A%20null%2C%20%22updated%22%3A%201644941242%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.usatoday.com/	1970-01-20 09:41:17	Name: gup_anonid Value: 5bfc942c-8e79-11ec-ba41-3a61ae0e6772
.usatoday.com/	1970-01-20 09:41:17	Name: gup_clientid Value: 5c23ae4a-8e79-11ec-ba41-3a61ae0e6772
.usatoday.com/	1970-01-20 10:25:05	Name: _parsely_visitor Value: {%22id%22:%22pid=28a3466cfe9da9f194f17833a794c4b3%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644941242896}
.usatoday.com/	1969-12-31 23:59:59	Name: IR_gbd Value: usatoday.com
.usatoday.com/	1969-12-31 23:59:59	Name: IR_14143 Value: 1644941243085%7C0%7C1644941243085%7C%7C
.usatoday.com/	1970-01-20 18:26:53	Name: _ga Value: GA1.2.1129934809.1644941243
.usatoday.com/	1970-01-20 00:57:07	Name: _gid Value: GA1.2.1943501429.1644941243
.sjv.io/	1970-01-20 18:12:29	Name: brwsr Value: 25b3403f-89d6-34a1-9556-a6056faaefed
.twitter.com/	1970-01-20 18:26:53	Name: personalization_id Value: "v1_2W3+rQhSd9O0Es0kTR1LQA=="
.usatoday.com/	1970-01-20 18:12:29	Name: IR_PI Value: 25b3403f-89d6-34a1-9556-a6056faaefed%7C1645027643085
.t.co/	1970-01-20 18:26:53	Name: muc_ads Value: c6a9c1ef-dffa-4bad-90b3-25505976185d
.scorecardresearch.com/	1970-01-20 18:12:29	Name: UID Value: 184d7f889b3b46e445c44c01644941243
.usatoday.com/	1970-01-20 10:25:27	Name: _scid Value: 1de13f27-fb8d-4500-862a-c101d0db858f
.usatoday.com/	1970-01-20 03:05:17	Name: _fbp Value: fb.1.1644941243394.1005493922
.usatoday.com/	1970-01-20 00:55:41	Name: _gat_gciAnalytics Value: 1
.facebook.com/	1970-01-20 03:05:17	Name: fr Value: 0K0lPj06jNw3aFrHv..BiC8-7...1.0.BiC8-7.
.krxd.net/	1970-01-20 05:14:53	Name: _kuid_ Value: Oqg1X1CP
.snapchat.com/	1970-01-20 10:17:17	Name: sc_at Value: v2\|H4sIAAAAAAAAAEXHyxHAIAgFwIqY4fNASDdxlCpSfLx52+3IrOWT1judUM5UZqC06KG9ocM+AT8SQEEUp5f8A8LJoSZAAAAA
.tapad.com/	1970-01-20 02:22:05	Name: TapAd_TS Value: 1644941243631
.tapad.com/	1970-01-20 02:22:05	Name: TapAd_DID Value: 00f1f7a4-c786-4add-812a-ba6fb145f62d
.adnxs.com/	1970-01-20 03:05:17	Name: uuid2 Value: 8739849536602494545
.rlcdn.com/	1970-01-20 09:41:17	Name: rlas3 Value: X2ehsIz/KCAlT232gkDP5mAp1kHHltPhX/Lm1Dl0sY8=
.rlcdn.com/	1970-01-20 02:22:05	Name: pxrc Value: CAA=
.tapad.com/	1970-01-20 02:22:05	Name: TapAd_3WAY_SYNCS Value:
.eyeota.net/	1970-01-20 09:41:17	Name: mako_uid Value: 17efe23753f-4e6e0000010a54af
.eyeota.net/	1970-01-20 00:55:41	Name: SERVERID Value: 21679~DM
.doubleclick.net/	1970-01-20 18:26:53	Name: IDE Value: AHWqTUltfG5O3IoX_mQKgrdgXOoDOQB7-OfLuCJlZFuYCt6PUEA0jWRggHKRPTrMT8k
.usatoday.com/	1970-01-20 10:25:27	Name: _sctr Value: 1\|1644883200000
.yahoo.com/	1970-01-20 09:41:38	Name: A3 Value: d=AQABBLvPC2ICEG7t4tzzeUy2NmMq_60dwc8FEgEBAQEhDWIVYgAAAAAA_SMAAA&S=AQAAAuhynk2gP4z6lPCYe84pjRs
.rubiconproject.com/	1970-01-20 09:41:17	Name: khaos Value: KZOBJMVB-X-3C39
.rubiconproject.com/	1970-01-20 09:41:17	Name: audit Value: 1\|hJ2NJVh68LXvkxa4IDEwuT7C0sEHtzUO1KCNsmtxyCvWaDs14xzbSIqkWa3xTbRUwVgyGKHJk5HyUhTWCqUS/AtWHY0oWVNXfjgahGw1TOp+Ylvr8FiasDFKKYn9IV3zFEGIyct6fgrfywGsYkrIgA==
.go.sonobi.com/	1970-01-20 01:38:53	Name: __uis Value: 31bebef0-eee4-4344-bef7-e6e1f1aa5d6d
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8759\|YgvPu
.surveywall-api.survata.com/	1970-01-20 05:16:19	Name: svResp Value: f62f4bb5-ec28-d8f7-c318-ec539cf880d8
.casalemedia.com/	1970-01-20 09:41:17	Name: CMID Value: YgvPu8TRF7aag.yVoFlhNQAA
.casalemedia.com/	1970-01-20 03:05:17	Name: CMPS Value: 465
.mathtag.com/	1970-01-20 10:21:36	Name: uuid Value: 8c62620b-cfbc-4000-8c2e-3045f1eb34e9
.agkn.com/	1970-01-20 09:41:17	Name: ab Value: 0001%3A%2FpG6xPXWqWvuB0TxufvglL3B6GHnSgk7
.amazon-adsystem.com/	1970-01-20 06:24:00	Name: ad-id Value: A14BTgBzJUkWt6-eGLFGPB0
.amazon-adsystem.com/	1970-01-21 21:49:55	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 03:05:17	Name: CMPRO Value: 557
.casalemedia.com/	1970-01-20 00:57:07	Name: CMST Value: YgvPu2ILz7sA
.simpli.fi/	1970-01-20 09:42:43	Name: suid Value: C824844A0F5A4A9DBDA64438B1DDBE86

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
aa.agkn.com
ajax.googleapis.com
analytics.twitter.com
ariane.abtasty.com
beacon.krxd.net
cdn.cookielaw.org
cdn.krxd.net
cdn.parsely.com
cdnjs.cloudflare.com
cl.exct.net
cm.g.doubleclick.net
cm.usatoday.com
cms.analytics.yahoo.com
connect.facebook.net
consumer.krxd.net
d.impactradius-event.com
dcinfos-cache.abtasty.com
gannett.sjv.io
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
loadus.exelator.com
news.google.com
p1.parsely.com
pixel.tapad.com
ps.eyeota.net
pubads.g.doubleclick.net
px.surveywall-api.survata.com
resources.xg4ken.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc-static.net
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
staticassets.gannettdigital.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
t.co
token.rubiconproject.com
tr.snapchat.com
try.abtasty.com
um.simpli.fi
user.usatoday.com
usermatch.krxd.net
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.ca
www.google.com
104.244.42.131
104.244.42.69
107.178.246.49
13.225.229.246
13.225.230.19
13.225.230.56
13.225.230.7
13.225.58.39
142.251.40.130
142.251.40.226
151.101.2.133
151.101.2.62
151.101.66.133
151.101.66.62
173.223.56.123
199.232.36.157
209.54.180.144
216.200.232.249
23.54.68.240
2600:1400:d:5a2::416d
2606:4700:10::6814:b844
2606:4700::6810:135e
2606:4700::6810:9540
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81c::200e
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2003
2607:f8b0:4023:1404::9a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.230.62.22
34.102.161.46
34.107.143.101
34.198.46.170
34.206.33.80
35.186.226.184
35.186.249.72
35.190.60.146
35.227.211.136
50.19.100.94
52.0.156.250
52.205.167.202
52.4.155.217
52.86.94.111
68.67.181.202
69.166.1.10
75.126.248.142
76.13.32.147
8.43.72.98
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a280e864b87587efb0dad5227e1e3c55a72cc15ad6f1aa76766bb6128118ccb
0f9487771b00549f6a2350d2649053e7f25f457fca025b65ebf9165353f6f2d6
0ff597340e3520ca2d7e3d89bb2f130667e05f7355b554d20f0005ac136344d6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e8806a9004505843075b79b36292b85f1d8c5c03316bf0a2e6fc02e58c38d2
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
1a0b225188931108f495d6a291af4bbbadc9255d972690bbc60c2e6913699f2c
204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612
208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc
346b7de0f319b90fb929eb750bf47df6bb1aa7809769b497d46de3a1ff474f6a
35198b9e249e64807e199afa0c5e2d12f658a62ca1af917485f7596fa28729da
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
428d6044d1381e56c3e73ba1f8820e3286b96ab151a9fc1e614c6a1c34bc56b3
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
48f0866f885da705492bde53ce15050b400f626cdad0ec136f91f8bf268b7129
4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5450658a60866c8f550963b4ddf0b25cd2093ca2b6b5b508ae1902c2f3352b
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4fbc242c0947e826aa88192372d935ef19826b6c0224464ac8ebcabdf8ac072b
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6cf0f3beaa00e1aa949ad82c63c4f67d6b6043bfc06e97536564cb04595d6801
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
784ae837d6e9e378b9ea968c162d63f5e89930ef939a5dca6b8e5701efcb6002
79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad
79ecb97d0f7bceacce18a955d045c9f8b6b994038c5ac5b40dae272d8d98cc2c
7a647a3fc1d78ff4542178884f5fcdcb93a3ecb998f57165e6da925329dbc867
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
8ce71286009524bf5abcb4493d1768e626310caa844c2f8807c766d0dc7878bd
9178e6e0988fe06c13f2ecb0ef60c720635cf7d722388f7bb641dfcfb61b745d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
9d2013b9dee70b1e237c2da3d0e502da502a0f126914734b6464362bc1ae0d1d
9d6ba6e6cbb253a4892d8d92c679cae1575a58ecebc0898657e46a779647e0a6
9e25b49c9c99e629a847d4b3407562674d25579662e228494cc89f9f31789665
9f185ef2e009bc8b02530a4bbbfbbd0426e45e5eb16824cf1ad8ba19ba41c656
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a62238516566121bc6728cf24407e1705d43f61044ee02c5ffef99edb2a11e1e
a6233fd94cfc29fa571fea33e7dc16418dd89e369d618866449faf76a5943746
a96e26711777ea218cbcc77a70836de22121ea3922343f1ece80798ee7987522
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae373df001aea150fb77536379792bdd166c9d3f38c699aae364fa6f8ef9ce3f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4581e1bbe7a6ead422937416202d588a71111b4889ec40fdf2ce09a73e86636
c52d2c68897b2b9de0d741a9b09ed5b4f23c5cf3493910f2270ce7c183bc82d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
dad9cf09aef7927304c34d58fdf391b8e0ddcab2cbef4c8a6c8870c2aa128cbf
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df0b018622c8c31a9b7490cdc160369751f33a557d1346a67308bb04df5ee463
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dea4239710130a1f91999a3d345b2a0c83ef418de660e94d834ff585a14e52
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cm.usatoday.com Open in urlscan Pro 151.101.2.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

85 %HTTPS

24 %IPv6

42 Domains

53 Subdomains

39 IPs

1 Countries

1571 kBTransfer

4405 kBSize

54 Cookies

13 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cm.usatoday.com Open in urlscan Pro
151.101.2.62 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

85 %
HTTPS

24 %
IPv6

42
Domains

53
Subdomains

39
IPs

1
Countries

1571 kB
Transfer

4405 kB
Size

54
Cookies

103 HTTP transactions
0 data transactions