theweek.com Open in urlscan Pro
65.9.58.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW...
Effective URL:
https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsm...
Submission: On April 01 via api (April 1st 2021, 11:26:13 am UTC) from DE

Summary HTTP 301 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 66 IPs in 7 countries across 49 domains to perform 301 HTTP transactions. The main IP is 65.9.58.110, located in United States and belongs to AMAZON-02, US. The main domain is theweek.com.
TLS certificate: Issued by Amazon on May 4th 2020. Valid for: a year.

This is the only time theweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	65.9.58.110 65.9.58.110	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	13.226.159.31 13.226.159.31	16509 (AMAZON-02) (AMAZON-02)
1	143.204.90.109 143.204.90.109	16509 (AMAZON-02) (AMAZON-02)
1	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
13	52.24.19.130 52.24.19.130	16509 (AMAZON-02) (AMAZON-02)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:9df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.202.102 143.204.202.102	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	13.225.84.112 13.225.84.112	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:298::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:218... 2600:9000:2182:1400:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	108.128.220.162 108.128.220.162	16509 (AMAZON-02) (AMAZON-02)
2 8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.208.245.103 3.208.245.103	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 1	2a03:2880:f20... 2a03:2880:f206:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f20... 2a03:2880:f206:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	2600:9000:211... 2600:9000:211e:6e00:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
50	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:0:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:7e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::681a:587	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:218... 2600:9000:2182:7a00:1f:10c0:9300:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
45	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	34.230.209.106 34.230.209.106	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	54.229.43.10 54.229.43.10	16509 (AMAZON-02) (AMAZON-02)
1	34.192.127.138 34.192.127.138	14618 (AMAZON-AES) (AMAZON-AES)
6 12	216.58.214.198 216.58.214.198	15169 (GOOGLE) (GOOGLE)
1	35.197.249.251 35.197.249.251	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
7	3.140.99.218 3.140.99.218	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.17.101.63 52.17.101.63	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.96.113 65.9.96.113	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
301	66

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.58.110 (United States)

ASN16509 (AMAZON-02, US)

theweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.159.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-31.dus51.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-109.fra50.r.cloudfront.net

ccpa.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.24.19.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-19-130.us-west-2.compute.amazonaws.com

bypass.theweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dennis-co-uk.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9df3 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-102.fra53.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

webcontentassessor.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-199.datapacket.com

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-112.fra2.r.cloudfront.net

d2ip7iv1l4ergv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:298::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:1400:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.128.220.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

dennis.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.245.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-245-103.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f206:c4:face:b00c:0:43fe (United States) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f206:e5:face:b00c:0:4420 (United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6e00:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:0:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:587 (United States)

ASN13335 (CLOUDFLARENET, US)

initiate.zeddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
entry.zeddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
datatracking.zeddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2182:7a00:1f:10c0:9300:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.theweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 104.18.23.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.209.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.229.43.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

eum-blue-saas.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.127.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

be.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.214.198 (Mountain View, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s23-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.197.249.251 (London, United Kingdom)

ASN15169 (GOOGLE, US)

www.dennis.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.140.99.218 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.101.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.113 (United States)

ASN16509 (AMAZON-02, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	youtube.com www.youtube.com	3 MB
45	dianomi.com www.dianomi.com	193 KB
30	doubleclick.net 8 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	129 KB
26	theweek.com theweek.com bypass.theweek.com images.theweek.com	145 KB
15	facebook.com www.facebook.com	276 KB
12	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	235 KB
11	privacy-mgmt.com cdn.privacy-mgmt.com	112 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	86 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	164 KB
9	blueconic.net cdn.blueconic.net dennis.blueconic.net	233 KB
8	google.com ampcid.google.com www.google.com	64 KB
7	google-analytics.com www.google-analytics.com	55 KB
6	googleapis.com fonts.googleapis.com	5 KB
6	zeddit.com initiate.zeddit.com entry.zeddit.com datatracking.zeddit.com	5 KB
6	facebook.net connect.facebook.net	229 KB
5	ytimg.com i.ytimg.com	137 KB
5	ggpht.com yt3.ggpht.com	13 KB
5	keywee.co 1 redirects cdn.keywee.co pixel.keywee.co	35 KB
5	instana.io eum.instana.io eum-blue-saas.instana.io	10 KB
5	typekit.net use.typekit.net p.typekit.net	65 KB
4	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	google.de ampcid.google.de www.google.de	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	durationmedia.net tag.durationmedia.net be.durationmedia.net	25 KB
2	omappapi.com a.omappapi.com api.omappapi.com	57 KB
2	jquery.com code.jquery.com	96 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	criteo.com gum.criteo.com	149 B
1	adsrvr.org match.adsrvr.org	387 B
1	rlcdn.com api.rlcdn.com	244 B
1	criteo.net static.criteo.net	37 KB
1	dennis.co.uk www.dennis.co.uk	87 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	t.co t.co	456 B
1	quantcount.com rules.quantcount.com	359 B
1	chartbeat.com static.chartbeat.com	15 KB
1	id5-sync.com cdn.id5-sync.com	7 KB
1	quantserve.com secure.quantserve.com	9 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
1	googletagservices.com www.googletagservices.com	20 KB
1	cloudfront.net d2ip7iv1l4ergv.cloudfront.net	17 KB
1	fastly.net webcontentassessor.global.ssl.fastly.net	30 KB
1	btloader.com btloader.com	5 KB
1	videoplayerhub.com 1 redirects dennis-co-uk.videoplayerhub.com	537 B
1	permutive.com cdn.permutive.com	240 KB
1	indexww.com js-sec.indexww.com	43 KB
1	sp-prod.net ccpa.sp-prod.net	18 KB
301	49

	Domain	Requested by
50	www.youtube.com	theweek.com code.jquery.com www.youtube.com
45	www.dianomi.com	code.jquery.com theweek.com www.dianomi.com
15	www.facebook.com	theweek.com eum.instana.io connect.facebook.net www.facebook.com
13	bypass.theweek.com	theweek.com bypass.theweek.com
12	ad.doubleclick.net	6 redirects www.dianomi.com
11	cdn.privacy-mgmt.com	theweek.com cdn.privacy-mgmt.com ccpa.sp-prod.net
9	images.theweek.com	theweek.com
8	dennis.blueconic.net	cdn.blueconic.net eum.instana.io
7	capi.connatix.com	cd.connatix.com
7	googleads.g.doubleclick.net	2 redirects www.youtube.com
7	www.google.com	theweek.com www.youtube.com
7	www.google-analytics.com	www.googletagmanager.com eum.instana.io www.google-analytics.com theweek.com
6	fonts.googleapis.com	www.dianomi.com
6	platform.twitter.com	info.silobreaker.com platform.twitter.com bypass.theweek.com theweek.com
6	connect.facebook.net	cdn.keywee.co info.silobreaker.com connect.facebook.net
5	www.gstatic.com	www.youtube.com
5	i.ytimg.com	www.youtube.com
5	yt3.ggpht.com	www.youtube.com
5	static.doubleclick.net	www.youtube.com
5	fonts.gstatic.com	www.youtube.com
4	eum-blue-saas.instana.io	eum.instana.io
4	entry.zeddit.com	bypass.theweek.com
4	stats.g.doubleclick.net	eum.instana.io
4	cdn.keywee.co	1 redirects theweek.com cdn.keywee.co
4	c.amazon-adsystem.com	theweek.com c.amazon-adsystem.com eum.instana.io
4	use.typekit.net	theweek.com use.typekit.net
4	theweek.com	info.silobreaker.com theweek.com
3	sb.scorecardresearch.com	1 redirects theweek.com www.googletagmanager.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	www.google.de	theweek.com
2	cds.connatix.com	theweek.com bypass.theweek.com
2	www.instagram.com	1 redirects theweek.com
2	securepubads.g.doubleclick.net	www.googletagservices.com bypass.theweek.com
2	code.jquery.com	theweek.com
2	info.silobreaker.com	1 redirects
1	gum.criteo.com	bypass.theweek.com
1	analytics.twitter.com	bypass.theweek.com
1	api.omappapi.com	eum.instana.io
1	img.connatix.com	theweek.com
1	vid.connatix.com	cd.connatix.com
1	match.adsrvr.org	eum.instana.io
1	api.rlcdn.com	eum.instana.io
1	static.criteo.net	js-sec.indexww.com
1	www.dennis.co.uk	theweek.com
1	be.durationmedia.net	eum.instana.io
1	datatracking.zeddit.com	bypass.theweek.com
1	ping.chartbeat.net	theweek.com
1	t.co	theweek.com
1	cd.connatix.com	1 redirects
1	ampcid.google.de	eum.instana.io
1	initiate.zeddit.com	d2ip7iv1l4ergv.cloudfront.net
1	ampcid.google.com	eum.instana.io
1	rules.quantcount.com	secure.quantserve.com
1	static.chartbeat.com	bypass.theweek.com
1	tag.durationmedia.net	www.googletagmanager.com
1	cdn.id5-sync.com	www.googletagmanager.com
1	secure.quantserve.com	info.silobreaker.com
1	platform.instagram.com	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	pixel.keywee.co	theweek.com
1	www.googletagmanager.com	theweek.com
1	www.googletagservices.com	bypass.theweek.com
1	p.typekit.net	use.typekit.net
1	d2ip7iv1l4ergv.cloudfront.net	theweek.com
1	a.omappapi.com	theweek.com
1	webcontentassessor.global.ssl.fastly.net	theweek.com
1	cdn.blueconic.net	theweek.com
1	eum.instana.io	theweek.com
1	btloader.com	theweek.com
1	dennis-co-uk.videoplayerhub.com	1 redirects
1	cdn.permutive.com	theweek.com
1	js-sec.indexww.com	theweek.com
1	ccpa.sp-prod.net	theweek.com
301	73

This site contains links to these domains. Also see Links.

Domain
subscribe.theweek.com
cms.theweek.com
www.nytimes.com
www.politico.com
www.washingtonpost.com
www.washingtonexaminer.com
www.defense.gov
www.youtube.com
www.sbsun.com
www.latimes.com
www.nj.com
www.theweek.co.uk
service.theweek.com
www.dennis.co.uk
advertising.theweek.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
theweek.com Amazon	`2020-05-04` - `2021-06-04`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.privacy-mgmt.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.sp-prod.net R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.theweek.com R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-06` - `2021-10-06`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-24` - `2021-12-25`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
a.omappapi.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.keywee.co Amazon	`2020-06-01` - `2021-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
pixel.keywee.co Sectigo ECC Domain Validation Secure Server CA	`2021-01-20` - `2022-02-19`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-03-03` - `2021-06-01`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
cdn.id5-sync.com R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh
*.durationmedia.net Amazon	`2020-09-07` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
zeddit.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.dennis.co.uk R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Frame ID: 7EB329DA5C12D37F69AAC69699E61840
Requests: 129 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jhMHNPH3upE
Frame ID: EC49B9E46ECCDCF7AE067560FFD91392
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cxvRXWR9438
Frame ID: 6D5816E4C1D8782335AF9902E2D622DF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Cfnbf98kR-Q
Frame ID: A1CB42FF0695FC267E148509867EAA8B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uJcchib4hCw
Frame ID: E45FE84BC6C39454CADDE312F9FA93EF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7AY_fsySKSA
Frame ID: 20266CE695931F1AC6EA86B5FBACCD93
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
Frame ID: 449BF2F66D5F9614DF8BC891B04AF66F
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jhMHNPH3upE
Frame ID: DAEB8D8BE6736898CA56E9EFA524D82F
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cxvRXWR9438
Frame ID: D49A3A225F0697CCA127E6A210A28355
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Cfnbf98kR-Q
Frame ID: 2AA66A73DA03BF00B4E2DF79A726237C
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uJcchib4hCw
Frame ID: F71B06A25868F78A7558FCE799B1B6B3
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7AY_fsySKSA
Frame ID: F28BE862765B148D2C3A0BF3C6E9133F
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Ftheweek.com
Frame ID: A0FDB3574E304AE9C37829D325396071
Requests: 2 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5945
Frame ID: 6198C53643584956FE2FCBCB6D0C2AE7
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5947
Frame ID: 3CDADF338DE5D8B32F09988C8FBE3557
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5948
Frame ID: D99041A71144C20B3D1C0F17ECAA75DC
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5948
Frame ID: D4823FE60497194F6BAFBA4FB998C8C8
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5948
Frame ID: B7DA9A81BE95ECE27C1BA78C798C14A6
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5948
Frame ID: D150EBF8EC84C0F16BFD47128A35B408
Requests: 12 HTTP requests in this frame

Frame: https://cds.connatix.com/p/110954/connatix.player.dc.js
Frame ID: 8391C39C13374266CB02AB2E6F1EA1BD
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
Frame ID: 4943E317F3E4B319DC5B79897DFAF745
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Frame ID: A39D9EE29F31A76E8BBF1FE08A2B936F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Frame ID: 9E43F9CB42805C3859CBADBC013B2FDB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 0B9418EE2E29590B832C07529674CB50
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
Frame ID: 653296B81A73CE0ADEEB7A7D1A74CD6B
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=theweek.com&gdpr=1&gdpr_consent=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA
Frame ID: 3D4C4C0A8F66142B3608B2A69F2AD6A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwL... HTTP 307
https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-o... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

301
Requests

100 %
HTTPS

52 %
IPv6

49
Domains

73
Subdomains

66
IPs

7
Countries

6423 kB
Transfer

21255 kB
Size

5
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.theweek.com/servlet/OrdersGateway?cds_mag_code=TWE&cds_page_id=246023&cds_response_key=I9LRPKSW1
Title: Subscribe & save

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/ConvertibleGateway?cds_mag_code=TWE&cds_page_id=239084&cds_response_key=I9WRPKGW2
Title: Give a gift

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/Show?WESPAGE=pm/Pages/load_order.jsp&WESACTIVESESSION=TRUE&PAGE_ID=19303DIR01&MAGCODE=WK&MSCCMPLX=801WKSAC2
Title: Digital subscription

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/OrdersGateway?cds_mag_code=TWE&cds_page_id=246023&cds_response_key=I9LRPMSW2
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975092
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2021/03/31/nyregion/trump-vance-investigation.html?action=click&module=Top%20Stories&pgtype=Homepage
Title: The New York Times reports.

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975133
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.politico.com/news/2021/03/31/gaetz-trump-playbook-scandal-478740
Title: Kyle Cheney and Matt Dixon report at Politico

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2021/03/30/us/politics/matt-gaetz-sex-trafficking-investigation.html
Title: reported

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/national-security/matt-gaetz-investigation-robert-levinson/2021/03/31/ebe2a9ba-923e-11eb-9668-89be11273c09_story.html
Title: The Washington Post reported

Search URL Search Domain Scan URL

URL: https://www.washingtonexaminer.com/news/documents-detail-alleged-matt-gaetz-25-million-extortion-scheme
Title: to The Washington Examiner

Search URL Search Domain Scan URL

URL: https://www.washingtonexaminer.com/news/documents-full-matt-gaetz-extortion
Title: published them

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975111
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/national-security/2021/03/31/pentagon-transgender-troops/
Title: scrapped policies

Search URL Search Domain Scan URL

URL: https://www.defense.gov/Newsroom/Releases/Release/Article/2557220/dod-announces-policy-updates-for-transgender-military-service/
Title: new policy

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975109
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.politico.com/newsletters/politico-nightly/2021/03/31/bidens-plan-is-pocked-with-potholes-492311
Title: Michael Grunwald writes at Politico

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/2021/03/31/deficit-cost-infrastructure-biden/
Title: The Washington Post reports

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=KR-5ENZ0NKM
Title: question the need to pay for the plan at all

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975101
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.sbsun.com/2021/03/26/this-san-bernardino-girl-scout-shattered-a-us-record-in-cookie-sales/
Title: told the San Bernardino Sun.

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975099
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.latimes.com/california/story/2021-03-31/orange-mass-shooting-reported
Title: the Los Angeles Times reports.

Search URL Search Domain Scan URL

URL: https://www.latimes.com/archives/la-xpm-1997-dec-19-mn-172-story.html
Title: former employee shot and killed four people

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975097
Title: Edit

Search URL Search Domain Scan URL

URL: http://cms.theweek.com/admin/tw-admin/edit/975096
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.nj.com/mercer/2021/03/21-year-old-lost-his-job-during-the-pandemic-now-hes-opening-his-own-clothing-store.html
Title: Harris told NJ Advance Media.

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/OrdersGateway?cds_mag_code=TWE&cds_page_id=246023&cds_response_key=I9LRPKSW3
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/ConvertibleGateway?cds_mag_code=TWE&cds_page_id=239084&cds_response_key=I9WRPKGW4
Title: Give a gift

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/ConvertibleGateway?cds_mag_code=TWE&cds_page_id=233362&cds_response_key=I8LEBKEW6
Title: Classroom subscriptions

Search URL Search Domain Scan URL

URL: https://subscribe.theweek.com/servlet/ConvertibleGateway?cds_mag_code=TWE&cds_page_id=239084&cds_response_key=I9WRPMGW4
Title: Give a gift

Search URL Search Domain Scan URL

URL: https://www.theweek.co.uk/
Title: The Week UK

Search URL Search Domain Scan URL

URL: https://service.theweek.com/
Title: Customer service

Search URL Search Domain Scan URL

URL: https://www.dennis.co.uk/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://advertising.theweek.com/
Title: Ad info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1?_ud=a4bb3421-5038-4fa5-8fd3-da7d7251ae1c&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://dennis-co-uk.videoplayerhub.com/videoloader.js HTTP 301
https://btloader.com/tag?h=dennis-co-uk&upapi=true

Request Chain 30

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 49

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 54

https://sb.scorecardresearch.com/b?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&c9=&cs_ak_ss=1

Request Chain 107

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/110954/connatix.player.dc.js

Request Chain 168

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CJDKk_X33O8CFYlo4AodJ88HXw;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 174

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CN3Kk_X33O8CFamSdwodt4cFzQ;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 180

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CMnMk_X33O8CFUDEuwgd3CkPbA;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 186

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CNrRk_X33O8CFUws4AodxC0EbQ;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 194

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CJTSk_X33O8CFciFgwcdfQ0F-A;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 200

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CJTVk_X33O8CFf_huwgdS_IEEg;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 203

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 205

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 284

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

301 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0Gg... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 132ms
94ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f5d75e677ff91de18702505c7fbae693917d3901df4e4d54c83f1b3c775947

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:52 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d1cb88353f518abe775855b7683d1c8181617276352; expires=Sat, 01-May-21 11:25:52 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=4c2788f0468ac740bd823c2635d86c83ba0e4ecd-1617276352; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 6391759168394c9e-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 092ec7cee500004c9eeab6b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k5wIiXfdIGrpRA%2BbIiBkCtcBHAMmPNSN9aw0u%2FdD2KLUJtnK0rOwtJIAY8CMf9QX3iSfvKg3GB9y0P%2BC2sQgJy8aPbWJnG45JvGMc2vo2%2B%2BCj1ttJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo Show response
theweek.com/speedreads/975092/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4V...
https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFy...

113 KB
25 KB

722ms
665ms

Document
text/html

65.9.58.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: cf6337910aabb01d11f6a02c8b4148d743539f2ecc399f6bb33b3bfc70cd5bb5

Request headers

:method: GET
:authority: theweek.com
:scheme: https
:path: /speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1

Response headers

content-type: text/html; charset=UTF-8
content-length: 24637
date: Thu, 01 Apr 2021 11:25:53 GMT
set-cookie: AWSALB=mDBugflXuBR4AiulZfweHJsBGiF5FlmahOw8D9pVf9Qq0i65WhAUvaXJ1QhPcDizGnqGr415Q3TooYDI6atNd2P+CGBMjVxvvRo+SzDpNreb7lJFtm77WFoPy8F3; Expires=Thu, 08 Apr 2021 11:25:52 GMT; Path=/ AWSALBCORS=mDBugflXuBR4AiulZfweHJsBGiF5FlmahOw8D9pVf9Qq0i65WhAUvaXJ1QhPcDizGnqGr415Q3TooYDI6atNd2P+CGBMjVxvvRo+SzDpNreb7lJFtm77WFoPy8F3; Expires=Thu, 08 Apr 2021 11:25:52 GMT; Path=/; SameSite=None; Secure blaize_session=e124ab0e-9c88-40de-a3a4-16b8a883a57d; Expires=Thu, 19 Aug 2021 11:25:52 GMT; Path=/; Secure; HttpOnly; blaize_tracking_id=57b24947-762d-4ac0-a8a5-08e3b39f9d8c; Expires=Wed, 2 Aug 3020 11:25:53 GMT; Path=/;
server: nginx/1.12.2
x-cache-tags: speedreads,article-975092,article-975133,article-975111,article-975109,article-975101,article-975099,article-975097,article-975096
expires: Thu, 01 Apr 2021 12:25:52 GMT
x-internal-host: www1.theweek.com
access-control-allow-origin: *
x-cache-hits: 0
accept-ranges: bytes
cache-control: no-cache, no-store, no-transform
content-encoding: gzip
vary: User-Agent
x-cache: Miss from cloudfront
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: GlyFLOeLgUOqO8aFy1yLViPNHQsN3g627AV-ulYaXhTPfYUTwSugkg==
age: 0

Redirect headers

date: Thu, 01 Apr 2021 11:25:52 GMT
location: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
cf-ray: 6391759219a14c9e-AMS
link: <https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 092ec7cf5300004c9ed195a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zLxeuAIb7tfMAvndy1gZCdUAmJE7cUBE8N%2B%2BN2ueVwWSQkxm%2BoGpCyx9XYqFYy4Rt2XEk8UsN6rxucakuE0Pno0%2FWd6%2FSoL0eKjQVD9bJwhaxk9W5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare

GET
H2 200 xia0rvc.css
use.typekit.net/ 5 KB
1 KB 164ms
139ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/xia0rvc.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

75afcd6252ef0c8bc32b634f48d86684d3d2fd9603256d726d3a6a632067a033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 01 Apr 2021 11:25:53 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 826

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/ 151 KB
44 KB 81ms
32ms Script
application/javascript 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:07:41 GMT
server: AmazonS3
age: 1076
etag: W/"8073094d2add7dd857b75129d94e1d56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 01 Apr 2021 11:07:58 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JVIO-KtXJ3O0IKlbu8GxB9FgMjPokQwfgd1WxLtrfhLw_eyLWbihvA==

GET
H2 200 ccpa.js Show response
ccpa.sp-prod.net/ 54 KB
18 KB 89ms
33ms Script
application/javascript 143.204.90.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa.sp-prod.net/ccpa.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-109.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f5125217d1ef16b021cc5c94724846ae2e0a9e899190172fb36160c03dbaf5a

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:29:10 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 20:05:44 GMT
server: AmazonS3
age: 3403
etag: W/"ecfaefdd1ff6f239a11f80def7f25291"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iXzYiKr1_OxjpRhKrKw--1bQ_jMP7DXLCEvACRTqAdPAmf_7fQ599Q==

GET
H/1.1 200
OK 185497-164226995996356.js Show response
js-sec.indexww.com/ht/p/ 155 KB
43 KB 887ms
839ms Script
text/javascript 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185497-164226995996356.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 256fa88f13d6d977461dc8330ce70d9f231a93074aaebf6d592283133b8afb87

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 11:25:27 GMT
Server: Apache
ETag: "9057bb-26c96-5bee77d0753b8"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK f0d962f.css
bypass.theweek.com/css/ 81 KB
13 KB 725ms
348ms Stylesheet
text/css 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/css/f0d962f.css
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a2234bd16a4a55d6617c5ecd0023be8a570585b8d84df98c2a6c6a45d672b579

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:53 GMT
Content-Encoding: gzip
Age: 2201
X-Cache: HIT
X-Cache-Hits: 1080
Connection: keep-alive
Content-Length: 12779
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:42:25 GMT
Server: nginx/1.12.2
ETag: W/"14254-5be27c79fb808"
Vary: User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:49:11 GMT

GET
H2 200 5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js Show response
cdn.permutive.com/ 1 MB
240 KB 90ms
50ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba411a6589f2e1ea3d1b271780623ec046532feeebe3430b16dc78f9d8c29f7

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 5642074a-7820-46d3-a3d9-f26f3cc6e800
age: 2726
x-guploader-uploadid: ABg5-UwCNafPkfbwVe9qp2m94IsxerY2HQFrwddFcFFkeZv9KgSBmMlGjgY08PrNh3YpFJg6MHezPCDOnrZGn18kLHZ8ETgdNg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 092ec7d5e00000c79dca9f0000000001
last-modified: Thu, 01 Apr 2021 06:39:03 GMT
server: cloudflare
etag: W/"f664b2a65184c528c82950c5b0ba0b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=x9Temw==, md5=9mSyplGExSjIKVDFsLoLig==
x-goog-generation: 1617259143125056
cache-control: public, max-age=300
x-goog-stored-content-length: 267621
cf-ray: 6391759c9c7cc79d-AMS
expires: Thu, 01 Apr 2021 11:30:54 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://dennis-co-uk.videoplayerhub.com/videoloader.js
https://btloader.com/tag?h=dennis-co-uk&upapi=true

9 KB
5 KB

35ms
19ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=dennis-co-uk&upapi=true
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109e2e3005bd7ded1c6da319eb033be395bc28cbfaa82718c3dd31e5b7a3597e

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1452
content-encoding: br
cf-request-id: 092ec7d5f000001f355a23f000000001
server: cloudflare
etag: W/"b6a1ab7508f1bdc534e176d059ed6a3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BBMYExIuXzFo8I%2Fb27ImNE%2FCYuvSSqtzBHpXedJBQvr01ZcgT42h%2FNejAnc0r%2BNwTd%2BzIoLAOxDoX7C3lEEWIYxsDsMIL4CWD9z7qB7pL%2BAdqYhJHsKaddA%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 6391759cbfca1f35-FRA

Redirect headers

date: Thu, 01 Apr 2021 11:25:54 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5hoEBbbxJSGcwBLmIsXCBapJx%2FkihnFvXjgtbN0LzolVawwwN%2FTUw9FH3GMPk2cJmM1Y6tEb3FPwB7K%2FZBO5%2BYyfXk%2BEIzikFegDo6epd7a3D%2BkxCuF1muTLwW%2FSeBA0Ha%2FJCJ5Z5v%2FRjaHZ"}],"max_age":604800}
location: https://btloader.com/tag?h=dennis-co-uk&upapi=true
cache-control: max-age=3600
cf-ray: 6391759c7b522c3e-FRA
cf-request-id: 092ec7d5cc00002c3ee5269000000001
expires: Thu, 01 Apr 2021 12:25:53 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ 23 KB
9 KB 40ms
14ms Script
application/javascript 2606:4700::6810:9df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b

Request headers

Origin: https://theweek.com
Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 16:16:36 GMT
server: cloudflare
age: 562716
etag: -1802586287--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 6391759c7ee64e56-FRA
cf-request-id: 092ec7d5ca00004e56d7108000000001

GET
H2 200 dennis.js Show response
cdn.blueconic.net/ 130 KB
39 KB 82ms
26ms Script
text/javascript 143.204.202.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/dennis.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-102.fra53.r.cloudfront.net

Software

- /

Resource Hash

aad7e7a8eb8f10f277a21ed0cfef3cd2b51ff4020f464784c59b7f5bf82088ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 474
x-cache: Hit from cloudfront
content-length: 39742
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 15:00:10 GMT
server: -
etag: "20768-5be71c9dc2900-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA53-C1
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: TzposNIhMQPWm0vMtFJ9twnTMC8Kap1Z-BXRqRqg01_gTl1eDFRL2g==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://theweek.com
Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1617276353.dop206.fr8.t,1617276353.cds258.fr8.hn,1617276353.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 31ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1617276353.dop142.fr8.t,1617276353.cds245.fr8.hn,1617276353.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H/1.1 200
OK 5040ba6.js Show response
bypass.theweek.com/js/ 95 KB
17 KB 726ms
350ms Script
application/javascript 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/js/5040ba6.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: bd82f7ce5f8044a90cf1ae1da7e2e76b874df229c987d3c594a8258a948d2d47

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:53 GMT
Content-Encoding: gzip
Age: 2529
X-Cache: HIT
X-Cache-Hits: 4442
Connection: keep-alive
Content-Length: 17243
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:42:28 GMT
Server: nginx/1.12.2
ETag: W/"17cbb-5be27c7c6c063"
Vary: User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:43:44 GMT

GET
H/1.1 200
OK e2a1697839742e7b46f0a2d6d247805ed5bc8ddccd9ee1001bd011f5b25b8c67 Show response
webcontentassessor.global.ssl.fastly.net/scripts/ 94 KB
30 KB 76ms
21ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://webcontentassessor.global.ssl.fastly.net/scripts/e2a1697839742e7b46f0a2d6d247805ed5bc8ddccd9ee1001bd011f5b25b8c67

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72f3481a60f056ba2dd9f54712d84ff709083e13b8e57eedf2e03f1922e368f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:53 GMT
Content-Encoding: gzip
Age: 1045
X-Cache: HIT
Connection: keep-alive
Content-Length: 30376
x-amz-id-2: QboYB1MKX/Nz79xCrSToXYzXi+q/MmhnzqtDepyPPHgrQUKV/p0gkCqJcmndF31BY4tfg+q8OIA=
X-Served-By: cache-hhn4062-HHN
Last-Modified: Thu, 01 Apr 2021 11:05:15 GMT
Server: AmazonS3
X-Timer: S1617276353.284034,VS0,VE0
ETag: "9c417ac988092b323de94f92c5179f12"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
x-amz-request-id: 2QVNY0FBVFV742DK
Via: 1.1 varnish
Cache-Control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 3

GET
H/1.1 200
OK cd079ab.js Show response
bypass.theweek.com/js/ 84 KB
24 KB 748ms
361ms Script
application/javascript 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/js/cd079ab.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: f3c20f1080fd06449c2022d774d762c60a94c3c9a956363488228c02055260b9

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:53 GMT
Content-Encoding: gzip
Age: 2509
X-Cache: HIT
X-Cache-Hits: 4380
Connection: keep-alive
Content-Length: 24460
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:42:28 GMT
Server: nginx/1.12.2
ETag: W/"14e3b-5be27c7c6c44b"
Vary: User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:44:04 GMT

GET
H2 200 empty-src.png
theweek.com/bundles/twsite/images/ 987 B
1 KB 28ms
25ms Image
image/png 65.9.58.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweek.com/bundles/twsite/images/empty-src.png
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 893fe0bf2a4faf85ea9d84fd60666789ad9dbb7080e6910f723e25e8c190e381

Request headers

Referer: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:53:25 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
age: 2388
x-cache: Hit from cloudfront
content-length: 987
x-internal-host: www1.theweek.com
last-modified: Mon, 22 Mar 2021 22:41:26 GMT
server: nginx/1.12.2
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
expires: Thu, 01 Apr 2021 11:53:25 GMT
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: gois8Rh0_6XENJoyAX0BYvn7GlcKb0YPzwLYCDEH8jIRG9Wd5otAiA==
x-cache-hits: 1399

GET
H2 200 speedreads-page-logo-small.png
theweek.com/bundles/twsite/images/ 3 KB
3 KB 28ms
26ms Image
image/png 65.9.58.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theweek.com/bundles/twsite/images/speedreads-page-logo-small.png
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7bc2dd5ff1dcabaa22e905cdc0ae742975ccd73711707a7fbc8f919e0dfed1a3

Request headers

Referer: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:16:09 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
age: 2135
x-cache: Hit from cloudfront
content-length: 2726
x-internal-host: www1.theweek.com
last-modified: Mon, 22 Mar 2021 22:41:26 GMT
server: nginx/1.12.2
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
expires: Thu, 01 Apr 2021 12:16:09 GMT
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: ElMESjDpxc6tBZJwEU-ssfrQcsJ0iG588ezUU13JmVW-WDfGfX3kxg==
x-cache-hits: 348

GET
H/1.1 200
OK eb08862.js Show response
bypass.theweek.com/js/ 553 B
792 B 184ms
181ms Script
application/javascript 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/js/eb08862.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 6b895b19247913407e59afe926d0f7fcfee4a5f62e3c12f3396194583fd3df1c

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Content-Encoding: gzip
Age: 2510
X-Cache: HIT
X-Cache-Hits: 3690
Connection: keep-alive
Content-Length: 317
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:50 GMT
Server: nginx/1.12.2
ETag: W/"229-5be27c58d640d"
Vary: User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:44:03 GMT

GET
H/1.1 200
OK 8755b74.js Show response
bypass.theweek.com/js/ 14 KB
4 KB 184ms
181ms Script
application/javascript 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/js/8755b74.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: aa7975863a60118324624e0c519edc0569dfabd46d0ba1a526665675301333d3

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Content-Encoding: gzip
Age: 2235
X-Cache: HIT
X-Cache-Hits: 1061
Connection: keep-alive
Content-Length: 3695
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:42:25 GMT
Server: nginx/1.12.2
ETag: W/"395e-5be27c7a37ce5"
Vary: User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:48:38 GMT

GET
H/1.1 200
OK ddc9e4e.js Show response
bypass.theweek.com/js/ 932 B
895 B 191ms
187ms Script
application/javascript 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bypass.theweek.com/js/ddc9e4e.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 92238bb4b1044267815facd2468ce7b449503438c2105443f31a8308c50d8d98

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Content-Encoding: gzip
Age: 2530
X-Cache: HIT
X-Cache-Hits: 4427
Connection: keep-alive
Content-Length: 420
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:42:26 GMT
Server: nginx/1.12.2
ETag: W/"3a4-5be27c7aed731"
Vary: User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 11:43:44 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 216 KB
57 KB 3692ms
3631ms Script
application/javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-199.datapacket.com
Software: BunnyCDN-DE1-722 /
Resource Hash: 834b8273d56ef4cbd9d1bd45cd14621b52dcd372a6e1bcddfe2e3454d7658525

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:57 GMT
content-encoding: br
cdn-edgestorageid: 723
x-amz-request-id: CN7FEMJ12BG7KF3Q
cdn-cachedat: 2021-04-01 13:25:57
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: mO0HGiRKu87rVnl1Ct96Sgnm6/fQNDu32yo2Qv82D1eQPPKxrwYhpp/makvXjykGhxxiAiJYofs=
access-control-allow-origin: *
expires: Wed Mar 30 2022 18:37:40 GMT+0000 (Coordinated Universal Time)
last-modified: Tue, 30 Mar 2021 18:37:41 GMT
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: 2592000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: c1c6052e26899161e5cf7dd4dc1b0e71
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 subxGDL.min.js Show response
d2ip7iv1l4ergv.cloudfront.net/embed/widget/ 56 KB
17 KB 102ms
33ms Script
application/x-javascript 13.225.84.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2ip7iv1l4ergv.cloudfront.net/embed/widget/subxGDL.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-112.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: debb0cf5b0dad0357738cccba85a1cdc04f251f5e99655cbda0c85323036b80b

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Wed, 31 Mar 2021 08:50:58 GMT
date: Thu, 01 Apr 2021 04:31:38 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 04:30:56 GMT
server: AmazonS3
age: 24857
etag: W/"8ee6f1b9211c512a85395924d16e9caf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: n24sx3MoGqXg2OFrNuLWsx1hVM5EG9hhDPGlvsO7w_kssmIeQHX5cA==

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 21ms
7ms Stylesheet
text/css 2a02:26f0:7100:298::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=xia0rvc&ht=tk&f=139.175.6814.6817.6818.6819&a=642891&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xia0rvc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:298::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
last-modified: Fri, 06 Nov 2020 01:41:46 GMT
server: nginx
etag: "5fa4a9da-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 73ms
28ms Preflight
text/html 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A145%2C%22requestUUID%22%3A%22c34b1514-165e-45ea-be2f-4141bdf4f6f5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://theweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Thu, 01 Apr 2021 11:25:53 GMT
x-powered-by: Express
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QNb2T4SA-y4PAlvtjZ6ZXxsU1IwZ0_OGv-1rMQpZ9SiDFK5CIKmX9Q==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 139ms
46ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 22:11:27 GMT
content-encoding: gzip
server: Server
age: 47666
etag: 9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id: DR1gDmUOzepOGfhu4DHXGCA0v5yGc030bLXWCQG_EWlkf2OECtZ3rA==

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 266 KB
16 KB 60ms
59ms XHR
application/json 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A145%2C%22requestUUID%22%3A%22c34b1514-165e-45ea-be2f-4141bdf4f6f5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 02e0b0463eb2612a8ead8e591f5081f45f11d3b675eb5eb4ff6a37a630104b6c

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: qmjJMqAjcDB2B7IICP6H5z1RP8F0RNLbY72Jgf4xMs9kIsFnV2y7RQ==
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)

GET
H2 200 get_site_data Show response
cdn.privacy-mgmt.com/mms/ 19 B
403 B 71ms
30ms XHR
text/plain 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/mms/get_site_data?requestUUID=c58ea5ea-1a1e-409a-af20-1827f59cdec7&account_id=145&href=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Requested by: Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: Jetty(9.4.2.v20170220) /
Resource Hash: 5ebe362f800324963fe80e32795e423caf853336bd6b45ea41c90c556c075bcc

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-sp-mms-node: mms-an3.node.fra.consul
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: DUS51-C1
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: max-age=2592000
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-amz-cf-id: R3pqVrPCPqon-FqGdhNl_172fi8gADTo6tocSK6hJdQmCHjyrLr-HA==

GET
H2 200 message_url Show response
cdn.privacy-mgmt.com/mms/v2/ 0
449 B 38ms
37ms XHR
application/json 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/mms/v2/message_url?requestUUID=c58ea5ea-1a1e-409a-af20-1827f59cdec7&account_id=145&abp=false&href=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fcdn.privacy-mgmt.com%3A6777%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D&t[type]=CCPA
Requested by: Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: Jetty(9.4.2.v20170220) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:53 GMT
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-sp-mms-node: mms-b2x.node.fra.consul
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
x-sp-mms-env: 1
content-length: 0
pragma: no-cache
server: Jetty(9.4.2.v20170220)
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://theweek.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-amz-cf-id: NhGna9iEhwVyD09YvdyZTPYtx_YlrFCzFke3CgR9R_tJBniqmeARfg==
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 display-dns
cdn.privacy-mgmt.com/ccpa/consent/6777/ Frame 0
0 299ms
299ms Preflight
text/html 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/ccpa/consent/6777/display-dns?requestUUID=c58ea5ea-1a1e-409a-af20-1827f59cdec7
Protocol: H2
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://theweek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 4
date: Thu, 01 Apr 2021 11:25:53 GMT
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache
allow: POST
x-cache: Miss from cloudfront
via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: yS1f9ZAoUt6QHuULNRZ_YdbY2BrBcMR_Kw3TVSzz34gSjtxberScfA==

POST
H2 200 display-dns Show response
cdn.privacy-mgmt.com/ccpa/consent/6777/ 569 B
999 B 305ms
304ms XHR
application/json 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/ccpa/consent/6777/display-dns?requestUUID=c58ea5ea-1a1e-409a-af20-1827f59cdec7
Requested by: Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: /
Resource Hash: 4ccf9a204618cc3ba886b0a1f1cc8d4653b9b5f05940dcfeea888c0e8d63e6e7

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theweek.com
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 569
x-amz-cf-id: 5ySGB0HXaNIq1-_R6Qf5Ztdo3PfQfBjtyLlHo6Rs4MAzlxO3zZ-AhQ==

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

9ms
9ms

Script
application/javascript

2600:9000:2182:1400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 13:43:04 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
age: 78171
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control: max-age=259200,public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: IOZWIPWByC7YwbLSFXzrPqMjYdOQ3DG7Qmy9GiiDwecmExnHMkIsrg==

Redirect headers

date: Thu, 01 Apr 2021 11:25:47 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
server: AmazonS3
age: 8
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
x-amz-cf-pop: DUS51-C1
content-length: 0
x-amz-cf-id: Mcfoh8H0OPHbKSF60gNQ96hbMqT3W82QgceWkK3OVR8QBiaNcRYbOA==

POST
H2 200 381 Show response
dennis.blueconic.net/DG/DEFAULT/rest/rpc/ 19 KB
4 KB 103ms
33ms XHR
application/json 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/rest/rpc/381?referer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-01T13%3A25%3A53%2B02%3A00&ts=1617276353964

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/dennis.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

32aa621c6edb2ed1f409105a39384deba8e28bb0b8a0df30e59856d111511229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://theweek.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 3188
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9b532fb08cac21640e90def820adee960efcbbe198f136df925a5ea2e699be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 327 of 1000 / last-modified: 1617270103"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19793
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
55 KB 50ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87503b0607e740f35c0db718c3f24b633a923217b9acec4f9a77ad485ca9dc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55377
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H/1.1 200
OK sandwich.svg
bypass.theweek.com/bundles/twsite/images/ 1 KB
2 KB 493ms
181ms Image
image/svg+xml 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/sandwich.svg
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 126811023686b5fccfb6f3b2ad92b05ee0fda717b3f9300c2040dc3849952ad4

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2470
X-Cache: HIT
X-Cache-Hits: 3060
Connection: keep-alive
Content-Length: 1100
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "44c-5be27c41f7a9d"
Vary: User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK search.svg
bypass.theweek.com/bundles/twsite/images/ 987 B
1 KB 308ms
187ms Image
image/svg+xml 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/search.svg
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 74f8c078fef6dd5a8efe492097c3a11e3a31b8ae0e210a477c4a3d70c7b9ac31

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2503
X-Cache: HIT
X-Cache-Hits: 3088
Connection: keep-alive
Content-Length: 987
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "3db-5be27c41f7e85"
Vary: User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK logo-tw-white-new.png
bypass.theweek.com/bundles/twsite/images/ 7 KB
8 KB 298ms
184ms Image
image/png 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/logo-tw-white-new.png
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 566bf8a98ae88b90d34c5c471560ea8d1c95665a9accb8bd28e09e70d3418d2c

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 1894
X-Cache: HIT
X-Cache-Hits: 354
Connection: keep-alive
Content-Length: 7480
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "1d38-5be27c41f0d3c"
Vary: User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK TwoWeekCoversB96x66.png
bypass.theweek.com/bundles/twsite/images/circ/ 15 KB
16 KB 301ms
186ms Image
image/png 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/circ/TwoWeekCoversB96x66.png
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 7a328c00667393c400f21f0913d72031313f0cbbe2cf9006dc41412bdae7bde2

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2347
X-Cache: HIT
X-Cache-Hits: 1407
Connection: keep-alive
Content-Length: 15854
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "3dee-5be27c41e6d14"
Vary: User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 20 KB
20 KB 34ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xia0rvc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d

Request headers

Origin: https://theweek.com
Referer: https://use.typekit.net/xia0rvc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
server: nginx
etag: "269ca480d9f4b562d1fba420527e4402600739cc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20008

GET
H2 200 0cc244e79fe8a2b58643aae336b3b484 Show response
dennis.blueconic.net/plugin/plugin/ 167 KB
39 KB 36ms
36ms Script
text/javascript 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/plugin/plugin/0cc244e79fe8a2b58643aae336b3b484

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/dennis.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

c72bceee168c719353adfd03a33787feabaadaabe3a99d10509fb5d546ca0d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 11:25:54 GMT
server: -
etag: 0cc244e79fe8a2b58643aae336b3b484
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 39143
x-xss-protection: 1; mode=block
expires: Fri, 01 Apr 2022 11:25:54 GMT

GET
H2 200 1021.js Show response
cdn.keywee.co/config/ 211 B
551 B 11ms
11ms Script
application/javascript 2600:9000:2182:1400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/1021.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3886f930aa91aaf5b153cae9e472a64dd46841b782939f444da889e93e593001

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 03:19:50 GMT
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
last-modified: Tue, 03 Mar 2020 17:04:36 GMT
server: AmazonS3
age: 29165
etag: "735a123c5b1510ce174a0ae105cdc04a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
content-length: 211
x-amz-cf-id: goNLXZLWRvjheGbtxqVdhOmyljWdzE2dOhv8KOMEVk6ykJZdXHONpw==

GET
H2 200 pubads_impl_2021032901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 80ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060601

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 08:36:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103062
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 11ms
9ms Script
application/x-javascript 2600:9000:2182:1400:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1400:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 02:25:59 GMT
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
age: 4957195
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: EIAgVeHVqqjAIC0zZYKZOLpZcjkf3lvb_VdpwDD1INO03Dy8Gi_2RA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 38ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: gzznFnUVpt0nTixEWpevFqG7ClW0l5RPb70Ga3fjAYkDzb9lBL/KNSgbYoQ8W3more+gtRVI2EJQirlbktpnJA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i
pixel.keywee.co/ 43 B
294 B 318ms
102ms Image
image/gif 3.208.245.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1617276354121&e=pv&url=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&page=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&tv=js-2.9.1&tna=cf&aid=1021&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=bf14465e-18aa-44a4-b950-842c86f4265a&dtm=1617276354120&vp=1600x1200&ds=1600x1200&vid=1&sid=e6b2dd87-1d63-4ad6-9244-0a9a4095fdc2&duid=b37f47fd-0b09-414f-9c36-e4f6a6a76f2d&fp=1072425006

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.208.245.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-245-103.compute-1.amazonaws.com

Software

nginx/1.17.6 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

status: 200 OK
date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
server: nginx/1.17.6
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 127ms
42ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30468
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Thu, 01 Apr 2021 03:02:27 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ntuvdSSMfJUi_5IjBh3oJZSWCzNR0x7WZjj2tcaTULA39XSUl5-oBA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4247
date: Thu, 01 Apr 2021 10:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 12:15:07 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 71ms
22ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 41209
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1617276354.263660,VS0,VE0
x-served-by: cache-fra19168-FRA

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec9fcf6b659410910ea85ede599a646224af9c17afed0c9f2a41a063876379f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: G8i/CS/1X0sbzdtavpby7A==
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Apr 2021 11:33:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: JbiKOYKZTpYvlBcV/ri4BX3hTxrrjGyTEzZKlPr0ysK+sP6FomEEXvPhtT32epQb8Ori7l2yy6tPAVQEnfgzvQ==
x-fb-trip-id: 1425083115
x-fb-content-md5: e5b6196ada4d4884e65184b3dcc712a0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 11:25:54 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "db96c91d80b9edb070b401460600fe5b"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

13ms
13ms

Script
text/javascript

2a03:2880:f206:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f206:e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:44:32 GMT
x-fb-trip-id: 1679558926
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4824

Redirect headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ftw
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 57ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB0) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6BB0)
Age: 1242
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 26ms
8ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 08 Apr 2021 11:25:54 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/0.9/ 20 KB
7 KB 105ms
33ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/0.9/id5-api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.192/26
date: Thu, 01 Apr 2021 11:22:07 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 7102
x-request-id: 186126182

GET
H2 200 dm.js Show response
tag.durationmedia.net/sites/10733/ 87 KB
24 KB 36ms
12ms Script
application/javascript 2600:9000:211e:6e00:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/10733/dm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6e00:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e822947648b73ae37994e5c67c567d09bcfcd1b55778030b4d700d1b3e4846a8

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P37JWL0g3vP.ZvIjELx2Z4TBIwJEqMQ4
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "708e56f50950c095608e6329496cf2b0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
cache-control: public,max-age=900
date: Thu, 01 Apr 2021 11:25:54 GMT
accept-ranges: bytes
content-length: 24558
x-amz-cf-id: G8CBho454K3nuYztJ6I-SmYL5A3MTWWFDOiNVSae3bp8jb2so7Tf0A==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%...

0
528 B

23ms
22ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&c9=&cs_ak_ss=1
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Apr 2021 11:25:54 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765220&ns__t=1617276354199&ns_c=UTF-8&c8=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&c7=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 01 Apr 2021 11:25:54 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a62e20a7c3e8c337b12317ca9e4d8b0c Show response
dennis.blueconic.net/plugin/library/ 491 KB
145 KB 33ms
33ms Script
text/javascript 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/plugin/library/a62e20a7c3e8c337b12317ca9e4d8b0c

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/dennis.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

23aa22be1a0ef6aabce05ab7817029e9d4a5b3eb92e5e485df2f2139e7cc6993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 11:25:54 GMT
server: -
etag: a62e20a7c3e8c337b12317ca9e4d8b0c
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 147824
x-xss-protection: 1; mode=block
expires: Fri, 01 Apr 2022 11:25:54 GMT

POST
H2 200 LB-Zone-3 Show response
dennis.blueconic.net/DG/DEFAULT/rest/rpc/381/ 1 KB
1 KB 112ms
112ms XHR
application/json 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/rest/rpc/381/LB-Zone-3?referer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&bcsessionid=&bctempid=33b74249-ed13-4bb3-8007-9fe78ff769ce&overruleReferrer=&time=2021-04-01T13%3A25%3A54%2B02%3A00&ts=1617276354213

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/dennis.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

88f463df444c800ef20454f789edca3568e3d135d38d5094a106af4d1ac03f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://theweek.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 766
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 19 KB
19 KB 23ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xia0rvc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6

Request headers

Origin: https://theweek.com
Referer: https://use.typekit.net/xia0rvc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
server: nginx
etag: "83d5d34ada9d3835ff15f4e0202acf78c83bd6d3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19464

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: R0WRrmsUDgDSo2dtupMDMuu1ppOFV+xhZFvXnpIIhvtrLuKHxWF+vY2H3MMGtCrPWI4fpJi0Ocm64TFjJVzpSw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 680856479121812 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/680856479121812?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b5f830ad89b4ee029c0583173e0086c6248d4d2c594ab866a084b57938597bdc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: lCYcJrWbJgY4rlaM604foo2h+lFTXnJStQl4bclGH5u73ALsLc6jq43xTaJLznqU+vFNYkGGgQSz/NVQQKV0HA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jhMHNPH3upE
www.youtube.com/embed/ Frame EC49 0
0 85ms
62ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jhMHNPH3upE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jhMHNPH3upE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9GDqcFYC_zk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=HgHAb48i0WI; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:25:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+818; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cxvRXWR9438
www.youtube.com/embed/ Frame 6D58 0
0 74ms
52ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cxvRXWR9438

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/cxvRXWR9438
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=WswgOW6QU30; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=hUepFNBJLAE; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:25:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+113; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Cfnbf98kR-Q
www.youtube.com/embed/ Frame A1CB 0
0 68ms
47ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Cfnbf98kR-Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Cfnbf98kR-Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=bFrINefY9HQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=zd7MVya-w8A; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:25:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+493; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uJcchib4hCw
www.youtube.com/embed/ Frame E45F 0
0 77ms
57ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uJcchib4hCw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/uJcchib4hCw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=pin68xNj_ug; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=d-zPOBcrt_s; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:25:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+330; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7AY_fsySKSA
www.youtube.com/embed/ Frame 2026 0
0 78ms
59ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7AY_fsySKSA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/7AY_fsySKSA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=a3YGMO0i8DQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=IPk4UqYNCVc; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:25:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+618; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fb_med.svg
bypass.theweek.com/bundles/twsite/images/social_buttons/ 1007 B
1 KB 266ms
181ms Image
image/svg+xml 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/social_buttons/fb_med.svg
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 379f1358db0e9352a0dd7f76719a5e49aa399e6805a39c258f446da0b2b02a1d

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2460
X-Cache: HIT
X-Cache-Hits: 2425
Connection: keep-alive
Content-Length: 1007
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "3ef-5be27c41f8655"
Vary: User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK twitter_med.svg
bypass.theweek.com/bundles/twsite/images/social_buttons/ 1 KB
2 KB 278ms
187ms Image
image/svg+xml 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/social_buttons/twitter_med.svg
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 1f62d0314c0c4e2d5c57dcb4f2892d86a4f6807d5ce7722f85b0c2b2f431130e

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2455
X-Cache: HIT
X-Cache-Hits: 2440
Connection: keep-alive
Content-Length: 1530
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "5fa-5be27c41f8e25"
Vary: User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H/1.1 200
OK email_med.svg
bypass.theweek.com/bundles/twsite/images/social_buttons/ 1 KB
2 KB 187ms
178ms Image
image/svg+xml 52.24.19.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.theweek.com/bundles/twsite/images/social_buttons/email_med.svg
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/css/f0d962f.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.19.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-19-130.us-west-2.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: c404f55745129a328b5afc09179541db419838e0c4ea479578a278e7872367b7

Request headers

Referer: https://bypass.theweek.com/css/f0d962f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:54 GMT
Age: 2437
X-Cache: HIT
X-Cache-Hits: 2405
Connection: keep-alive
Content-Length: 1346
X-Internal-Host: www1.theweek.com
Last-Modified: Mon, 22 Mar 2021 22:41:26 GMT
Server: nginx/1.12.2
ETag: "542-5be27c41f8655"
Vary: User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H2 200 l
use.typekit.net/af/5033af/0000000000000000000151d3/27/ 24 KB
24 KB 15ms
15ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xia0rvc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 93b5ed083890da172d66e71d22afee08570a83ca5ae66c5d68b554a66ebe6a6c

Request headers

Origin: https://theweek.com
Referer: https://use.typekit.net/xia0rvc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
server: nginx
etag: "03405b9e59fd24cd7edba320df0608cbfb285a8a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24788

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
15 KB 33ms
10ms Script
application/x-javascript 2600:9000:2127:0:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/ddc9e4e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:0:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffa272cd7c67be28bb54afb5184deb64931a4f018890876020acbdbdbb0d7ea2

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:13:37 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 00:12:18 GMT
server: nginx
age: 4336
etag: W/"605bd562-8e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: Pk8-D9OtFMGGX1bIeyEUDoxQnXNNdECZQCVfsw3ynnDqhX_5vuHMBw==
expires: Thu, 01 Apr 2021 12:13:37 GMT

GET
H2 200 datalayer Show response
theweek.com/blaize/ 682 B
1 KB 72ms
72ms XHR
application/json 65.9.58.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theweek.com/blaize/datalayer
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f95da8ee76b6c6af54fca542f681232b499da7b98457d80b79d2ad09f4300b9f

Request headers

Referer: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo?_hsmi=96965274&_hsenc=p2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 682
x-amz-cf-id: _CYK6iM2SO9KNed2KmgmB3vxgcfqvkwnEO8nJMb8junA8UzAKv033Q==
x-blaize-request: fffffffff1a1dd44

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame 449B 4 KB
2 KB 26ms
26ms Document
text/html 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a

Request headers

:method: GET
:authority: cdn.privacy-mgmt.com
:scheme: https
:path: /index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html
last-modified: Tue, 16 Mar 2021 18:45:34 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Apr 2021 10:32:19 GMT
etag: W/"f895edfe84fb752b0b1fea2c750ad685"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: nAH2smYFeWfiMlFGaoJgS0n-EeXrxMPed_vgxTCUXCjq-4zUf1uIPA==
age: 3216

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 192 KB
58 KB 36ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=77423f0087d959346e87b8b1213c05a0&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

463bf4e6a836618bce271265951a46b461c3ba14c61508c4fc9f069fe5d972bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://theweek.com
Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WUih3ZfDojBnVf351EZ8cA==
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Apr 2022 10:45:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58847
x-fb-rlafr: 0
x-fb-debug: /O6E3xyFvGZSuj/gDCaEanrbFrT6t1M9s3ylNSZfiFWeyF0gwyRKJSUaZk21iMB6ti1g2WjGS7BCzqWWvfBGIA==
x-fb-trip-id: 1425083115
x-fb-content-md5: 5a3543d96821f7cf7abf2e151290baf6
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 11:25:54 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3a5718b5947748354e3b81f72322dd2d"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 rules-p-c99KiP7-l3Cng.js Show response
rules.quantcount.com/ 3 B
359 B 31ms
10ms Script
application/x-javascript 2600:9000:2182:7e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-c99KiP7-l3Cng.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:08:35 GMT
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:54:26 GMT
server: AmazonS3
age: 8240
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: _EzCQPayG2OLQggUmQqmDzXpzJu6SEoYaVpE9MMovEVGeqY50Jb1ZA==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 34ms
15ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theweek.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 SetPermissionWithData Show response
initiate.zeddit.com/ 389 B
1 KB 112ms
86ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://initiate.zeddit.com/SetPermissionWithData?origId=&curSession=&pid=&sxTg=NA&tId=57b24947-762d-4ac0-a8a5-08e3b39f9d8c&refer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&callback=jsonp1617276518553

Requested by

Host: d2ip7iv1l4ergv.cloudfront.net
URL: https://d2ip7iv1l4ergv.cloudfront.net/embed/widget/subxGDL.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1f61d908bcfa1f811383221a48754fc7e6a47f30d2f574ec0fca7862cb1b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uq%2Bhw8XgAh7yhrDkYSEwGahkn8pMdk0TCLArh0r3%2FRfRnUMAl1M0VZEolqoV%2FaZDW7c5FCr08WP86U8I%2FpK4ntThXm2I9DvnMVM%2BGbEjmMoydRi2c%2FqbTI%2Fx5PRX6rIT"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache
cf-request-id: 092ec7d75a000005d09c089000000001
cf-ray: 6391759ef81205d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
apigw-requestid: dGgWZjobLPEEMGg=

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 86ms
86ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3644&u=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&pid=4ykq6mfkouVwI&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F359%2Ftheweek.com%2Fspeed_reads%22%7D%5D&cfgv=0&gdpre=1&gdprc=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4rVVcriqhAX4N4rZDQ7it6CrzSwi1dST07OkOeSE46PecGVHJ_TYvw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 86ms
86ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3644&u=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8PH4_o7cFFWmH1CPvqif-wwyc_8qala_P8Ka8stN-aRK03qHlZcEPFym4dcvxU_Cn2X6cfbDI7K-C6SEDJkZAMhJZtCGWO0XWrPUlqeLpjKPl3KEk&pid=4ykq6mfkouVwI&cb=1&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F359%2Ftheweek.com%2Fspeed_reads%22%7D%5D&cfgv=0&gdpre=1&gdprc=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LapQrz1z_UyQAodmaFHZ8MDj_AYbvtBElhyKNuihwTTUR-3GD1RMfA==

GET
H2 200 fb1020.jpg.webp
images.theweek.com/sites/default/files/ 7 KB
7 KB 48ms
15ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/fb1020.jpg.webp?resize=100x100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

13aab5ccbd47417b02f27e67ed2fb0d653d5afe77551781e37f218c8276aa875

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:32:22 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3212
x-cache: Hit from cloudfront
content-length: 6794
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 627571268
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: K9sWJoyqTTvfUZgx7ZmBBhotaA3qSwHWjucdSEC4O_yo390D9ZYcKA==
expires: Thu, 01 Apr 2021 11:32:22 GMT

GET
H2 200 gettyimages-1128135352_0.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
2 KB 65ms
32ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1128135352_0.jpg.webp?itok=9eo3K6fC&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

34764877071bc2e939cdebb3b3c1a44094a2d936bd72d6685148e5a3732373f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:34:06 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3108
x-cache: Hit from cloudfront
content-length: 1402
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 627309802
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: qniXwr3VFFkjIGJEOgY0l25qO5XNmKC2tdFV4689zQF7ZT2I4FLb2A==
expires: Thu, 01 Apr 2021 11:34:06 GMT

GET
H2 200 gettyimages-1304253770.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
2 KB 473ms
441ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1304253770.jpg.webp?itok=c3-xNEA6&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4b31b378f39c6defa128738b8c0074fb788cdc07c925fbcc0c44a444f4de9dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 0
x-cache: Miss from cloudfront
content-length: 1244
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 630000595
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: 7AxiwFGKEbN8Wjvwd86FlTtDMp0f3its_lABlCpsKL2Fys7dSzgMsQ==
expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H2 200 gettyimages-1306033200.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
2 KB 53ms
20ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1306033200.jpg.webp?itok=ZVAmevx1&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ef646c6efb9d0d0154b37742605cc70a052dfefb2c6bbe51efc62b6a4c0e472b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:40:54 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2700
x-cache: Hit from cloudfront
content-length: 1110
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 629644463
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: zck_gdaltrjsbC_wT5KVXg1mrY-YlheUF3uJCSvmzHGgXhaTHLpcUA==
expires: Thu, 01 Apr 2021 11:40:54 GMT

GET
H2 200 gettyimages-1232046339.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
2 KB 488ms
456ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1232046339.jpg.webp?itok=V_eVXkwF&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ae9cad86f8b6139ac389de8bcfda669ce0687e8758a2c2907aeef9adc2cc3c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 0
x-cache: Miss from cloudfront
content-length: 1294
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 630000598
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: kfF_y9O-um0z2NvC91CI5zjpu85Bg5YQ-hdQR8OwghVxILLsj3HHJw==
expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H2 200 screen_shot_2021-03-31_at_10.46.25_pm.png.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
2 KB 29ms
28ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/screen_shot_2021-03-31_at_10.46.25_pm.png.webp?itok=zMLd3n8K&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

beac9c8bb07c5342d3f859056b4475cfba189e9ea1041dd614a35719e229bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:07:36 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1098
x-cache: Hit from cloudfront
content-length: 1468
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 629130144
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: KLgilnr3a0rN1Lwxb0HFysN9AVgR6D1wikXObXIgIfJy-ydR34CkKg==
expires: Thu, 01 Apr 2021 12:07:36 GMT

GET
H2 200 gettyimages-1232050558.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 924 B
1 KB 450ms
449ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1232050558.jpg.webp?itok=NR7OdsfX&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0f4620e714176aa75fb45953e276028060293202ad77dd0127e3b860458f0e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 0
x-cache: Miss from cloudfront
content-length: 924
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 629458876
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: xOD1z-V6724mmx_Kb8SC4HkruzS8qd1MbD8vrMn-T4T1BaeAtlkqSA==
expires: Thu, 01 Apr 2021 12:25:54 GMT

GET
H2 200 screen_shot_2021-03-31_at_11.16.23_pm.png.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 1 KB
1 KB 28ms
27ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/screen_shot_2021-03-31_at_11.16.23_pm.png.webp?itok=o5NxguqQ&resize=90x90

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

42e93e94c1a969c480a74f2043d9a62f5741a9c1f6e0a82a13d3301a903bbde2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:16:11 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 583
x-cache: Hit from cloudfront
content-length: 1056
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 628747281
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: THdHu-p7PZvPZX5skMJeUSyiDHeCDdA9jagUJYIIairjumtrylPP0Q==
expires: Thu, 01 Apr 2021 12:16:11 GMT

GET
H2 200 gettyimages-1128135352_0.jpg.webp
images.theweek.com/sites/default/files/styles/tw_image_6_4/public/ 3 KB
4 KB 35ms
21ms Image
image/webp 2600:9000:2182:7a00:1f:10c0:9300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.theweek.com/sites/default/files/styles/tw_image_6_4/public/gettyimages-1128135352_0.jpg.webp?itok=9eo3K6fC&resize=180x180

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:7a00:1f:10c0:9300:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

80d6c143c04a206bcf05746be60152b9f4a2638e8dbfb8a84efd4fdf201fc185

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:09:10 GMT
via: 1.1 varnish-v4, 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1004
x-cache: Hit from cloudfront
content-length: 3448
x-internal-host: db2.theweek.com
access-control-allow-origin: *
server: nginx/1.12.2
x-cache-api: MISS (ec2-35-165-109-162)
x-varnish: 629103923
x-cacheable-api: YES (ec2-35-165-109-162)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: KOu0ysKibmicNTozLhDdqamZUNGYp4E8vve4RDuJn6C3IwFhP3J48g==
expires: Thu, 01 Apr 2021 12:09:10 GMT

GET
H2 200 jhMHNPH3upE Show response
www.youtube.com/embed/ Frame DAEB 50 KB
21 KB 123ms
122ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jhMHNPH3upE

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad7cafdba8b70b965b4779feee9765a2bab49092ac08baadd8173fcd01e0e161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jhMHNPH3upE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=9GDqcFYC_zk; VISITOR_INFO1_LIVE=HgHAb48i0WI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+004; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cxvRXWR9438 Show response
www.youtube.com/embed/ Frame D49A 50 KB
21 KB 58ms
58ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cxvRXWR9438

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75e43e21ee560551967183393ca63d517306ef2c05705a4a35b85b779521cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/cxvRXWR9438
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=9GDqcFYC_zk; VISITOR_INFO1_LIVE=HgHAb48i0WI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+059; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Cfnbf98kR-Q Show response
www.youtube.com/embed/ Frame 2AA6 51 KB
22 KB 52ms
52ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Cfnbf98kR-Q

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

371fde0bbbc1c422851eda09da8cf602a7aca10f93a95381219e9b85035af7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Cfnbf98kR-Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=9GDqcFYC_zk; VISITOR_INFO1_LIVE=HgHAb48i0WI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+856; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 uJcchib4hCw Show response
www.youtube.com/embed/ Frame F71B 50 KB
21 KB 51ms
51ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uJcchib4hCw

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b727d608a9a74bfc425f201c41fbd4939e7c12dd14b2951e03b1b92847be3ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/uJcchib4hCw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=9GDqcFYC_zk; VISITOR_INFO1_LIVE=HgHAb48i0WI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+604; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7AY_fsySKSA Show response
www.youtube.com/embed/ Frame F28B 50 KB
21 KB 48ms
48ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/7AY_fsySKSA

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85fd4e012d34c3966e348add38d14ed4c272bbb0bd47bc35a0d0fc95c3573411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/7AY_fsySKSA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=9GDqcFYC_zk; VISITOR_INFO1_LIVE=HgHAb48i0WI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+439; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 381 Show response
dennis.blueconic.net/DG/DEFAULT/rest/rpc/ 720 B
1 KB 44ms
44ms XHR
application/json 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/rest/rpc/381?referer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&bcsessionid=33b74249-ed13-4bb3-8007-9fe78ff769ce&bctempid=&overruleReferrer=&time=2021-04-01T13%3A25%3A54%2B02%3A00&ts=1617276354450

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

2c7849a4c6bc737742805a252d0ed7a58883c4cce575000412887e3b814ca603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://theweek.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 471
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 381 Show response
dennis.blueconic.net/DG/DEFAULT/rest/rpc/ 275 B
884 B 36ms
36ms XHR
application/json 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/rest/rpc/381?referer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&bcsessionid=33b74249-ed13-4bb3-8007-9fe78ff769ce&bctempid=&overruleReferrer=&time=2021-04-01T13%3A25%3A54%2B02%3A00&ts=1617276354461

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

292ba4727425b25ed5f0d0dc7ef68566f384ab3354336430bf903786117313bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://theweek.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 153
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 381 Show response
dennis.blueconic.net/DG/DEFAULT/rest/rpc/ 138 B
876 B 36ms
36ms XHR
application/json 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/rest/rpc/381?referer=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&bcsessionid=33b74249-ed13-4bb3-8007-9fe78ff769ce&bctempid=&overruleReferrer=&time=2021-04-01T13%3A25%3A54%2B02%3A00&ts=1617276354463

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

c74de3b3122a424d7bf1330e18e71444cc5377e06970eaf11a5e33e8899f75b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://theweek.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 144
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
dennis.blueconic.net/DG/DEFAULT/ 66 B
861 B 34ms
32ms Script
text/javascript 108.128.220.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dennis.blueconic.net/DG/DEFAULT/cs?bcsessionid=33b74249-ed13-4bb3-8007-9fe78ff769ce&&callback=bc_json382

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/dennis.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.220.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-220-162.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

27e8bf0cb08c07b113b889a6cbe31b808d9909c2b5c7493b36def17292b9aee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame A0FD 320 KB
104 KB 15ms
15ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Ftheweek.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://theweek.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1866906
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Apr 2021 11:25:54 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 200 465576534193662 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/465576534193662?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

380386116d8835e377b515878cc5297bf27cabe508f68c63148758e4e512df28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70754
x-fb-rlafr: 0
pragma: public
x-fb-debug: LCs68HpBkuf7uaS32MppXybi0G/V4R0vMep0vfNN8PlOOagutNSPcNi7CWCU9FwsYBd9R9fB5HNyEAW7T2QFlQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 01 Apr 2021 11:25:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 36ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=680856479121812&ev=KWCEPV&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&rl=&if=false&ts=1617276354488&cd[noad30]=0&cd[noadcm]=0&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=0&cd[arcm]=0&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617276354487.979589945&it=1617276354244&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 36ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=680856479121812&ev=PageView&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&rl=&if=false&ts=1617276354490&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1617276354487.979589945&it=1617276354244&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Apr 2021 11:25:54 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 35ms
14ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theweek.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 6198 5 KB
2 KB 111ms
77ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5945

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae2d80dd86f277faf6648715e01b2114e01d8d8478924821ee816ad23ef9fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5945
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d80900002014c4221000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a0088e2014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 3CDA 5 KB
2 KB 108ms
76ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5947

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17d275ee6e1c658258b1a2dbfa3e673e01b6b90e477e5258e03f28f04ea4ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5947
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d80900002014ff33f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a0088f2014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame D990 5 KB
2 KB 105ms
74ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5948

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

346aec395871633c6b8401a7ec46bc0063bc2c08f135d4cae8f5237ae611bc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5948
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d80a00002014e523f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a008972014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame D482 5 KB
1 KB 131ms
101ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5948

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65bccf88f88115be834c412f42124cef2d42f4ddcde9701fc1cd4310f89a8b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5948
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d8090000201405928000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a008902014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame B7DA 5 KB
2 KB 132ms
102ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5948

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4cb59a08c7506ae78ad0a90e215e6461264003473ced6445afc86720e2f4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5948
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d80a000020142d8cf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a008942014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame D150 5 KB
2 KB 122ms
93ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5948

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea822352510597efb126cd043ecd5d1226ce556be0110c0df5783d3d95378b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=5948
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbebb0f62df5ec45bc7456e17a45dc89e1617276354; expires=Sat, 01-May-21 11:25:54 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2900/13.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 092ec7d80d00002014e8b03000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 639175a008962014-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2900/13.css>

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/110954/ Frame 8391
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/110954/connatix.player.dc.js

987 KB
215 KB

21ms
20ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/110954/connatix.player.dc.js
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e218e3fc6a2cd4db7394de52429103322f41c7a35c978538cbc4e604eb703bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
last-modified: Thu, 01 Apr 2021 08:18:26 GMT
age: 10918
etag: "3d602b67409a9e96a13ad41d31b1a7c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 220366

Redirect headers

location: https://cds.connatix.com/p/110954/connatix.player.dc.js
date: Thu, 01 Apr 2021 11:25:54 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
456 B 177ms
134ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4oal&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 01 Apr 2021 11:25:54 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a146d2f7ae62d7a295749fb7a4011e47cd0f294eba59bb39ae512e507c1d4062
x-transaction: e0da4b79edc2f2be
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 304ms
100ms Image
image/gif 34.230.209.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theweek.com&p=%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&u=jFMEbDjjj3Obs6Sy&d=theweek.com&g=8273&g0=news%2Cspeedread&g1=Catherine%20Garcia&n=1&f=00001&c=0&x=0&m=0&y=14205&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2256&t=B3Ke3FBnEsr_J6KlO0vlVyeUo2&V=125&i=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&tz=-120&sn=1&sv=DcTvoaDr4VteY7Vqg-sycnDBAFy0&sd=1&im=067b2fff&_
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.209.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=1461027566&gjid=1142457135&_gid=785659572.1617276355&_u=aGBAgEADQAQCAE~&z=1887960262

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
123 B 46ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=78047029&t=pageview&_s=1&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&ul=en-us&de=UTF-8&dt=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAQCAG~&jid=1108859251&gjid=1723627358&cid=1777496210.1617276355&tid=UA-54145327-3&_gid=785659572.1617276355&_r=1&gtm=2wg3o0WNVDSB&cd4=20210331&cd5=News&cd6=Catherine%20Garcia&cd8=975092&cd12=speedread&cd52=speedread%2CNews&cd55=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&cd85=null&cd102=undefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined%7Cundefined&cd124=&z=1550691585

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 41ms
34ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K6L2STV&t=gtm34&cid=1777496210.1617276355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4beebdb42ef98dccd2072fe2ec45fde764fe3681703ae40318ceb2fe72b0e642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35944
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 26ms
20ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=78047029&t=pageview&_s=1&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&ul=en-us&de=UTF-8&dt=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADQAQC~&jid=1461027566&gjid=1142457135&cid=1777496210.1617276355&tid=UA-54145327-1&_gid=785659572.1617276355&gtm=2wg3o0WNVDSB&cd1=%5Bspeedread%2CNews%5D&cd3=%5BCatherine%20Garcia%5D&cd4=2021-03-31%2023%3A37%3A00&z=2094655297

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81147
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Notice.37f30.css
cdn.privacy-mgmt.com/ Frame 449B 29 KB
5 KB 21ms
21ms Stylesheet
text/css 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.37f30.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:45:42 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 18:45:34 GMT
server: AmazonS3
age: 2413
etag: W/"227670f327655cdc0f6317b8d0f58d27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: YjproZaZZ66KyYd4a12jZcxULU0xFLmenknjgUOArR1iFC56_M3GHQ==

GET
H2 200 GetCustomDataWidget Show response
entry.zeddit.com/widget/ 1 KB
919 B 80ms
70ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entry.zeddit.com/widget/GetCustomDataWidget?p_id=996&wid=0&page_size=4&type=canvas-panel&page_id=1&lc=0&filter_type=&filter_value=&sxTg=control&clickedId=0&iss=1708526&dtId=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&rrc=&display=0&isnew=0&animation_type=popup&isContentGate=0&tP=0&dp=1&pv=1&apiKey=jovz__1y&isreturn=0&ss=&isSlideClose=0&isSlideCloseAlt=0&dS=1&cPs=1&freq=1&lPs=0&lVd=2021-4-1&isEmailAud=0&isPanelAud=0&isRegAud=0&isDropoff=0&sxrd=0&host=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&callback=jsonp1617277196252

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b4af16bc8d535eaa5923706be1899d9d5e40e33f32d1677dccbace56f70240d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OS0%2BrR6mqOvkEFqrLBnJE0CAxgQuBPx%2Fy07CMihK8QMjSsQug9iBL5K9RoW0wTOmT%2BsoIxArmTVvIXH4AKycN4XfhFnabN%2FT%2BAPY90G8ZwzjYZHOexqcqOltvuLo"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache
cf-request-id: 092ec7d853000005d036a86000000001
cf-ray: 639175a08abb05d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
apigw-requestid: dGgWbh2GrPEEJog=

GET
H2 200 GetCustomDataWidget Show response
entry.zeddit.com/widget/ 1 KB
924 B 69ms
66ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entry.zeddit.com/widget/GetCustomDataWidget?p_id=996&wid=0&page_size=4&type=canvas-panel&page_id=1&lc=0&filter_type=&filter_value=&sxTg=control&clickedId=0&iss=1708526&dtId=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&rrc=&display=0&isnew=0&animation_type=slide&isContentGate=0&tP=0&dp=1&pv=1&apiKey=jovz__1y&isreturn=0&ss=&isSlideClose=0&isSlideCloseAlt=0&dS=1&cPs=1&freq=1&lPs=0&lVd=2021-4-1&isEmailAud=0&isPanelAud=0&isRegAud=0&isDropoff=0&sxrd=0&host=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&callback=jsonp1617277226775

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20a17cd7b49941206eed99fb28e073d98e9ed7c18fbf919f2e86b05de0f9f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fELMDgKLUzNZ84pJC8PR7%2Ft1DcQPDmCHMXt6F1fOaFHp4AApuaHIFp%2FsD7xqmsERq2lB%2FVIeVVd%2Bz94wSMmyxPFI2EO1c7FK%2BHf4wnO7Rb5a3T84%2FlW0xgjAKlTl"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache
cf-request-id: 092ec7d853000005d095007000000001
cf-ray: 639175a08abc05d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
apigw-requestid: dGgWbi6WLPEEJKA=

GET
H2 200 GetCustomDataWidget Show response
entry.zeddit.com/widget/ 1 KB
925 B 72ms
72ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entry.zeddit.com/widget/GetCustomDataWidget?p_id=996&wid=0&page_size=4&type=canvas-email&page_id=1&lc=0&filter_type=&filter_value=&sxTg=control&clickedId=0&iss=1708526&dtId=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&rrc=&display=0&isnew=0&animation_type=popup&isContentGate=0&tP=0&dp=1&pv=1&apiKey=jovz__1y&isreturn=0&ss=&isSlideClose=0&isSlideCloseAlt=0&dS=1&cPs=1&freq=1&lPs=0&lVd=2021-4-1&isEmailAud=0&isPanelAud=0&isRegAud=0&isDropoff=0&sxrd=0&host=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&callback=jsonp1617276645402

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d9f6ae6c202ad02b14a08371e97db262a0d8b36cc1eea6a4d57a9711846a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NcJBtQ6EXW%2Fo37GaDTjOXmUtu1tj97Mw%2Ff40iIROUxm0ZBJfXwGwMvm9Kcy67neoZMP%2BIigt5DGNoTzKq3oTj1EhP%2FeaaPEFTRLqVrHr9E%2FX3%2BvNQWdJv8vt98iF"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache
cf-request-id: 092ec7d855000005d0b68c3000000001
cf-ray: 639175a08ac605d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
apigw-requestid: dGgWbjp9LPEEKYQ=

GET
H2 200 GetCustomDataWidget Show response
entry.zeddit.com/widget/ 1 KB
920 B 142ms
113ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://entry.zeddit.com/widget/GetCustomDataWidget?p_id=996&wid=0&page_size=4&type=canvas-email&page_id=1&lc=0&filter_type=&filter_value=&sxTg=control&clickedId=0&iss=1708526&dtId=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&rrc=&display=0&isnew=0&animation_type=slide&isContentGate=0&tP=0&dp=1&pv=1&apiKey=jovz__1y&isreturn=0&ss=&isSlideClose=0&isSlideCloseAlt=0&dS=1&cPs=1&freq=1&lPs=0&lVd=2021-4-1&isEmailAud=0&isPanelAud=0&isRegAud=0&isDropoff=0&sxrd=0&host=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&callback=jsonp1617277150019

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ae5bdb90e77274f7119f2c3705db3fc342ad30ff314099a61f433ce6e254dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWptNXrIrxBK%2BwnVkJvmRZsddt2E3zCImPFEMia8AKMle5M8v2KhS9R2wfESdhUSgnl0Rec4ScVHvIHuhaFa5LpfeEcbyB8PrMpeYhQ4P1fS7AkF1t6gO5ERMeZJ"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache
cf-request-id: 092ec7d8b7000005d0af8b6000000001
cf-ray: 639175a12c3c05d0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
apigw-requestid: dGgWdibfLPEEJ0Q=

GET
H2 200 SaveDataWithCheckPermission Show response
datatracking.zeddit.com/ 267 B
631 B 140ms
93ms Script
text/html 2606:4700:20::681a:587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://datatracking.zeddit.com/SaveDataWithCheckPermission?apiKey=jovz__1y&action=1&origId=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&curSession=1708526&external=1&pid=996&dtype=0&vtype=1&host=https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&callback=jsonp1617276841164

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02affd96a8972b933d7a3c2f7cd1398b512a95612103937c5579ef0bd423eff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amzn-requestid: 97b87f76-d94a-4095-8417-b06f48583d56
x-amz-apigw-id: dGgWdG1HrPEFthQ=
cf-request-id: 092ec7d8c9000005d0569a1000000001
server: cloudflare
x-amzn-trace-id: Root=1-6065adc2-011db53a6631076d4a4dc17f;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PKme%2Fof95nHch4balRoViVmlpqAmd32tqn3oWuKXMxKca%2FumgNycK3Ig6pzT8yy8EMf7v%2FSwRuum98TlgZj745FiKuB1VT7%2BHXODe7m769CW9adHkwfWcAdfy101vyqvwbEyUw%3D%3D"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache
cf-ray: 639175a14c9005d0-FRA

GET
H2 200 polyfills.65071.js Show response
cdn.privacy-mgmt.com/ Frame 449B 5 KB
2 KB 23ms
22ms Script
application/javascript 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.65071.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:29:23 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 18:45:34 GMT
server: AmazonS3
age: 3392
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: GI5HsP6f8VwdDcb6kCamW4EuVYPbz9LxobFO2XZf2_LuupFJuyP7HQ==

GET
H2 200 Notice.2f2bf.js Show response
cdn.privacy-mgmt.com/ Frame 449B 170 KB
42 KB 23ms
23ms Script
application/javascript 13.226.159.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.2f2bf.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-31.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=406609&consentUUID=c7de53be-64fc-4641-add7-629057be117f&requestUUID=c34b1514-165e-45ea-be2f-4141bdf4f6f5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:06:18 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 18:45:34 GMT
server: AmazonS3
age: 1176
etag: W/"c85163727e52a58ce3e4990198570614"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: lwm1-9R7nUNNxzKikp7Br_8BUxDj6F89sjkyJrv1BkCpFnK5PWUi2g==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 33ms
32ms Fetch
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=462337980564780&input_token&origin=1&redirect_uri=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&sdk=joey&wants_cookie_data=false

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: I7iO9eiwDuqHyg8lS3ScsnSeY5MYSS/wfDFSHa7WaJH4gvTXx5jxl3eMjs+LYvAnt1QF7FgAEix+22ZXGpdgNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Apr 2021 11:25:54 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theweek.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4943 34 KB
13 KB 59ms
59ms Document
text/html 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=77423f0087d959346e87b8b1213c05a0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2c31bb9c716d1e76e26a1b1ceb38e8e9b0157a867ff57b6469d3e360caa1994

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: 17/b/yMRZZhHAIk5LpYc6zjtdjAMVzRP+vhtC73M5YquXtdQdArYeNxIPA/yTRkhq6P2tBQpf2Sy1i7SVRjGXQ==
date: Thu, 01 Apr 2021 11:25:54 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame F28B 354 KB
52 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64436
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame F28B 162 KB
58 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59747
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F28B 2 MB
511 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522978
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame F28B 8 KB
3 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F28B 15 KB
15 KB 46ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 466439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Mar 2022 01:51:55 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame F71B 354 KB
52 KB 12ms
9ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64436
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame F71B 162 KB
58 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59747
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F71B 2 MB
511 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522978
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame F71B 8 KB
3 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F71B 15 KB
15 KB 45ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 466439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Mar 2022 01:51:55 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame 2AA6 354 KB
52 KB 11ms
9ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64436
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame 2AA6 162 KB
58 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59747
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 2AA6 2 MB
511 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522978
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame 2AA6 8 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2AA6 15 KB
15 KB 48ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 466439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Mar 2022 01:51:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 58ms
19ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=680856479121812&ev=PageView&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&rl=&if=false&ts=1617276354688&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1617276354487.979589945&it=1617276354244&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 53ms
18ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=465576534193662&ev=PageView&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&rl=&if=false&ts=1617276354691&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617276354487.979589945&it=1617276354244&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 01 Apr 2021 11:25:54 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame D49A 354 KB
52 KB 28ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64436
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame D49A 162 KB
58 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59747
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame D49A 2 MB
511 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522978
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame D49A 8 KB
3 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D49A 15 KB
15 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 466439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Mar 2022 01:51:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 63ms
16ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=1461027566&_u=aGBAgEADQAQCAE~&z=188190591

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 57ms
22ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=1461027566&_u=aGBAgEADQAQCAE~&z=188190591

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame D990 3 KB
1 KB 11ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d844000020143e9ad000000001
cf-ray: 639175a069892014-AMS
cf-bgj: minify

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame 3CDA 3 KB
1 KB 39ms
27ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d8af0000201429214000000001
cf-ray: 639175a11af42014-AMS
cf-bgj: minify

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame 6198 3 KB
1 KB 61ms
51ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d8b0000020143619f000000001
cf-ray: 639175a11afa2014-AMS
cf-bgj: minify

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
418 B 52ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54145327-3&cid=1777496210.1617276355&jid=1108859251&gjid=1723627358&_gid=785659572.1617276355&_u=aGDAAEADQAQCAG~&z=11008072

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 11:25:54 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame D150 3 KB
1 KB 40ms
31ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d8b000002014cc9ef000000001
cf-ray: 639175a11afb2014-AMS
cf-bgj: minify

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame D482 3 KB
1 KB 37ms
28ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d8b500002014d2bd8000000001
cf-ray: 639175a12b082014-AMS
cf-bgj: minify

GET
H2 200 13.css
www.dianomi.com/img/a/pss/2900/ Frame B7DA 3 KB
1 KB 35ms
27ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2900/13.css

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 845743
cf-polished: origSize=5285
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 05:39:04 GMT
server: cloudflare
etag: W/"14a5-5b9db305e0e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d8b60000201430b31000000001
cf-ray: 639175a12b0c2014-AMS
cf-bgj: minify

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame DAEB 354 KB
52 KB 16ms
11ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64436
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame DAEB 162 KB
58 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59747
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame DAEB 2 MB
511 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64333
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522978
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame DAEB 8 KB
3 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64474
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:31:20 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DAEB 15 KB
15 KB 43ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 466439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Mar 2022 01:51:55 GMT

POST
H/1.1 200
OK /
eum-blue-saas.instana.io/ 0
190 B 184ms
37ms Other
text/plain 54.229.43.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-blue-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 01 Apr 2021 11:25:54 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

GET
H/1.1 200 scriptloaded Show response
be.durationmedia.net/ 0
569 B 428ms
100ms Fetch 34.192.127.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=10733

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Apr 2021 11:25:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 connatix.player.css
cds.connatix.com/p/110954/ 54 KB
8 KB 16ms
16ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/110954/connatix.player.css
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 876b0e86f9b4ed7d924c72b345b6b88b2939d2fd67f34becf715954c0fbf519a

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
last-modified: Thu, 01 Apr 2021 08:18:26 GMT
age: 10918
etag: "637a1378127cdbe744099c4ebcd33e04"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 8356

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame D990 6 KB
2 KB 39ms
37ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d954000020143bba8000000001
cf-ray: 639175a21d642014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame D990 1 KB
1 KB 46ms
44ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9520000201405944000000001
accept-ranges: bytes
cf-ray: 639175a21d682014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206071/2/ Frame D990 7 KB
7 KB 40ms
39ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206071/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142346
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 7094
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Mar 2021 13:10:06 GMT
server: cloudflare
etag: "11e25-5beac99ba4bf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95200002014d900f000000001
accept-ranges: bytes
cf-ray: 639175a21d6d2014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194701/4/ Frame D990 13 KB
14 KB 32ms
32ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194701/4/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

742bf2f370e5a3b9bbbe3c8c872e406f05fa497d0acf19ef61524d372a179a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 788800
cf-polished: qual=85, origFmt=jpeg, origSize=26188
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 13658
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 21:53:03 GMT
server: cloudflare
etag: "664c-5b8bb0bfbcdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9520000201430b3d000000001
accept-ranges: bytes
cf-ray: 639175a21d702014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206186/2/ Frame D990 8 KB
8 KB 55ms
55ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206186/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689734b713f5c4efded607636372e6a6718f2c445b3998c5ac71582cf7770d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97821
cf-polished: qual=85, origFmt=jpeg, origSize=58768
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 7736
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:32:42 GMT
server: cloudflare
etag: "e590-5be73eb5971af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d956000020141b24d000000001
accept-ranges: bytes
cf-ray: 639175a21d722014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-Q050

200

B25529873.299274046;dc_pre=CJDKk_X33O8CFYlo4AodJ88HXw;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame D990
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CJDKk_X33O8CFYlo4AodJ88HXw;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
205 B

149ms
92ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CJDKk_X33O8CFYlo4AodJ88HXw;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CJDKk_X33O8CFYlo4AodJ88HXw;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame 3CDA 6 KB
2 KB 44ms
42ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d95300002014ef35a000000001
cf-ray: 639175a21d772014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 3CDA 1 KB
1 KB 37ms
35ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9550000201441918000000001
accept-ranges: bytes
cf-ray: 639175a21d7d2014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206183/2/ Frame 3CDA 9 KB
9 KB 38ms
37ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206183/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9030e5fd3da89699199107f3c0b560d3e864779722ff3236f37bcd585019a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 493191
cf-polished: qual=85, origFmt=jpeg, origSize=34784
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 9074
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 18:17:08 GMT
server: cloudflare
etag: "87e0-5be748a3e3289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95700002014d9010000000001
accept-ranges: bytes
cf-ray: 639175a22d802014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194690/3/ Frame 3CDA 8 KB
8 KB 46ms
45ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194690/3/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851da3eb27f41fb96dd016aaf7e931f9205f95e2e934c51b016033eeb332903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 724289
cf-polished: qual=85, origFmt=jpeg, origSize=19476
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 8288
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 21:18:15 GMT
server: cloudflare
etag: "4c14-5b8ba8f8773c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95a00002014e8b26000000001
accept-ranges: bytes
cf-ray: 639175a22d922014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206074/2/ Frame 3CDA 7 KB
7 KB 54ms
54ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206074/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5947
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 261507
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
vary: Accept
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri,csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-request-id: 092ec7d95800002014ca2a1000000001
cf-ray: 639175a22d932014-AMS
expires: Thu, 08 Apr 2021 11:25:54 GMT

GET
H3-Q050

200

B25529873.299034821;dc_pre=CN3Kk_X33O8CFamSdwodt4cFzQ;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame 3CDA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CN3Kk_X33O8CFamSdwodt4cFzQ;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
204 B

146ms
89ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CN3Kk_X33O8CFamSdwodt4cFzQ;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5947

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CN3Kk_X33O8CFamSdwodt4cFzQ;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame 6198 6 KB
2 KB 52ms
51ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d95800002014d1bc3000000001
cf-ray: 639175a22d972014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 6198 1 KB
1 KB 40ms
40ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9580000201417a6a000000001
accept-ranges: bytes
cf-ray: 639175a22d992014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206072/2/ Frame 6198 7 KB
7 KB 56ms
55ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206072/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 254199
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
vary: Accept
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri,csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-request-id: 092ec7d959000020143b31a000000001
cf-ray: 639175a22d9e2014-AMS
expires: Thu, 08 Apr 2021 11:25:54 GMT

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206185/2/ Frame 6198 9 KB
9 KB 46ms
46ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206185/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9030e5fd3da89699199107f3c0b560d3e864779722ff3236f37bcd585019a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 493234
cf-polished: qual=85, origFmt=jpeg, origSize=34784
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 9074
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:32:19 GMT
server: cloudflare
etag: "87e0-5be73e9f49339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95b00002014cca04000000001
accept-ranges: bytes
cf-ray: 639175a22da02014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194690/3/ Frame 6198 8 KB
8 KB 53ms
53ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194690/3/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851da3eb27f41fb96dd016aaf7e931f9205f95e2e934c51b016033eeb332903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5945
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 724289
cf-polished: qual=85, origFmt=jpeg, origSize=19476
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 8288
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 21:18:15 GMT
server: cloudflare
etag: "4c14-5b8ba8f8773c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95900002014213d4000000001
accept-ranges: bytes
cf-ray: 639175a22d9c2014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-Q050

200

B25529873.299140014;dc_pre=CMnMk_X33O8CFUDEuwgd3CkPbA;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame 6198
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CMnMk_X33O8CFUDEuwgd3CkPbA;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
205 B

149ms
92ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CMnMk_X33O8CFUDEuwgd3CkPbA;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5945

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CMnMk_X33O8CFUDEuwgd3CkPbA;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame D150 6 KB
2 KB 47ms
47ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d95c00002014e5261000000001
cf-ray: 639175a22da72014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame D150 1 KB
1 KB 54ms
53ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d95f000020140681f000000001
accept-ranges: bytes
cf-ray: 639175a23db12014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194689/3/ Frame D150 16 KB
17 KB 80ms
80ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194689/3/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0bdca3a9d5c8b84b33c8ed8df89a7bef61cef37aea30cae2680677cf565169

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=60; includeSubDomains
content-length: 16738
cf-request-id: 092ec7d96000002014331d7000000001
last-modified: Tue, 12 Jan 2021 21:53:15 GMT
server: cloudflare
etag: "4162-5b8bb0cb2e8c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 639175a23db32014-AMS
expires: Sat, 01 May 2021 21:25:54 GMT

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206187/2/ Frame D150 9 KB
9 KB 52ms
52ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206187/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9030e5fd3da89699199107f3c0b560d3e864779722ff3236f37bcd585019a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 491368
cf-polished: qual=85, origFmt=jpeg, origSize=34784
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 9074
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:34:41 GMT
server: cloudflare
etag: "87e0-5be73f269bf01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9630000201409017000000001
accept-ranges: bytes
cf-ray: 639175a23db42014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206073/2/ Frame D150 7 KB
7 KB 50ms
50ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206073/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256543
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
vary: Accept
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri,csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-request-id: 092ec7d9610000201424091000000001
cf-ray: 639175a23db62014-AMS
expires: Thu, 08 Apr 2021 11:25:54 GMT

GET
H3-Q050

200

B25529873.299274046;dc_pre=CNrRk_X33O8CFUws4AodxC0EbQ;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame D150
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CNrRk_X33O8CFUws4AodxC0EbQ;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
204 B

146ms
90ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CNrRk_X33O8CFUws4AodxC0EbQ;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299274046;dc_pre=CNrRk_X33O8CFUws4AodxC0EbQ;dc_trk_aid=492253651;dc_trk_cid=148077842;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=78047029&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&ul=en-us&de=UTF-8&dt=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sub(x)&ea=Page%20loaded&el=control&_u=aGDACEADRAQCAG~&jid=&gjid=&cid=1777496210.1617276355&tid=UA-54145327-3&_gid=785659572.1617276355&gtm=2wg3o0WNVDSB&cd4=20210331&cd5=News&cd6=Catherine%20Garcia&cd8=975092&cd12=speedread&cd52=speedread%2CNews&cd55=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&cd81=1&cd82=3&cd83=0&cd84=1&cd85=null&cd86=57b24947-762d-4ac0-a8a5-08e3b39f9d8c&cd102=A%7CB%7CA%7Cnull%7CA%7CB%7CA%7CA%7CA%7CA&cd122=control&cd123=L&cd124=LLL&cd125=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&cd126=&z=494187709

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81147
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame D482 6 KB
2 KB 47ms
46ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d9750000201430b41000000001
cf-ray: 639175a25e112014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame D482 1 KB
1 KB 36ms
36ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d975000020144191c000000001
accept-ranges: bytes
cf-ray: 639175a25e162014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206184/2/ Frame D482 8 KB
8 KB 51ms
41ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206184/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689734b713f5c4efded607636372e6a6718f2c445b3998c5ac71582cf7770d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 493234
cf-polished: qual=85, origFmt=jpeg, origSize=58768
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 7736
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:31:50 GMT
server: cloudflare
etag: "e590-5be73e8465ace"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d98300002014ff36b000000001
accept-ranges: bytes
cf-ray: 639175a26e532014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206074/2/ Frame D482 7 KB
7 KB 46ms
41ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206074/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 261507
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
vary: Accept
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri,csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-request-id: 092ec7d98000002014331db000000001
cf-ray: 639175a26e482014-AMS
expires: Thu, 08 Apr 2021 11:25:54 GMT

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194690/3/ Frame D482 8 KB
8 KB 38ms
33ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194690/3/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851da3eb27f41fb96dd016aaf7e931f9205f95e2e934c51b016033eeb332903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 724289
cf-polished: qual=85, origFmt=jpeg, origSize=19476
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 8288
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 21:18:15 GMT
server: cloudflare
etag: "4c14-5b8ba8f8773c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d98000002014d2bef000000001
accept-ranges: bytes
cf-ray: 639175a26e492014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-Q050

200

B25529873.299140014;dc_pre=CJTSk_X33O8CFciFgwcdfQ0F-A;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame D482
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CJTSk_X33O8CFciFgwcdfQ0F-A;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
742 B

144ms
88ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CJTSk_X33O8CFciFgwcdfQ0F-A;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299140014;dc_pre=CJTSk_X33O8CFciFgwcdfQ0F-A;dc_trk_aid=492316713;dc_trk_cid=148077791;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability3.js Show response
www.dianomi.com/js/ Frame B7DA 6 KB
2 KB 37ms
32ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability3.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3799
cf-polished: origSize=8527
last-modified: Mon, 22 Mar 2021 18:19:33 GMT
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"214f-5be241b86ea4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 092ec7d9800000201417a70000000001
cf-ray: 639175a26e452014-AMS
expires: Thu, 01 Apr 2021 15:25:54 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame B7DA 1 KB
1 KB 35ms
31ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 584337
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9810000201400af5000000001
accept-ranges: bytes
cf-ray: 639175a26e4a2014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206071/2/ Frame B7DA 7 KB
7 KB 45ms
41ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206071/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142346
cf-polished: qual=85, origFmt=jpeg, origSize=73253
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 7094
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Mar 2021 13:10:06 GMT
server: cloudflare
etag: "11e25-5beac99ba4bf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d9830000201424096000000001
accept-ranges: bytes
cf-ray: 639175a26e542014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/194690/3/ Frame B7DA 8 KB
8 KB 42ms
38ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/194690/3/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851da3eb27f41fb96dd016aaf7e931f9205f95e2e934c51b016033eeb332903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 724289
cf-polished: qual=85, origFmt=jpeg, origSize=19476
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 8288
x-xss-protection: 1; mode=block
last-modified: Tue, 12 Jan 2021 21:18:15 GMT
server: cloudflare
etag: "4c14-5b8ba8f8773c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d981000020143bbad000000001
accept-ranges: bytes
cf-ray: 639175a26e4c2014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 251x213.jpg
www.dianomi.com/img/a/sav2/206182/2/ Frame B7DA 8 KB
8 KB 47ms
43ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/206182/2/251x213.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689734b713f5c4efded607636372e6a6718f2c445b3998c5ac71582cf7770d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 493234
cf-polished: qual=85, origFmt=jpeg, origSize=58768
content-disposition: inline; filename="251x213.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 7736
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:45:24 GMT
server: cloudflare
etag: "e590-5be7418c7868a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 01 May 2021 21:25:54 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 092ec7d98300002014f523b000000001
accept-ranges: bytes
cf-ray: 639175a26e552014-AMS
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-Q050

200

B25529873.299034821;dc_pre=CJTVk_X33O8CFf_huwgdS_IEEg;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame B7DA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CJTVk_X33O8CFf_huwgdS_IEEg;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_...

42 B
204 B

145ms
89ms

Image
image/gif

216.58.214.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CJTVk_X33O8CFf_huwgdS_IEEg;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5948

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.214.198 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s23-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B25529873.299034821;dc_pre=CJTVk_X33O8CFf_huwgdS_IEEg;dc_trk_aid=491930003;dc_trk_cid=148077845;ord=1617276354;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WEK_Logo_WHT_Red_block.jpg
www.dennis.co.uk/wp-content/uploads/2017/01/ Frame 449B 87 KB
87 KB 103ms
39ms Image
image/jpeg 35.197.249.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dennis.co.uk/wp-content/uploads/2017/01/WEK_Logo_WHT_Red_block.jpg
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.197.249.251 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 065aa86c1cd35d5a26995a5c4ab9d64575287610be13d53a806ea5b83bebb7e7

Request headers

Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
last-modified: Thu, 07 Sep 2017 15:50:44 GMT
server: nginx
etag: "59b16ad4-15c41"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 89153

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
53 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=427359010&gjid=1066423013&_gid=785659572.1617276355&_u=aGDACEADRAQCAG~&z=1947352741

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 11:25:55 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F28B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
160 B

40ms
40ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae63a7be894f27f9b5f1aa32c0c198490c219a47066f0e3028318b31932bdede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F28B 29 B
407 B 24ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 891
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:04 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F71B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
160 B

39ms
38ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59c0e6efbedb896499ed0cec94884ab3607cfd9983b24f0d84bd3442a6c84f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F71B 29 B
394 B 27ms
13ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 891
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:04 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
62 B 11ms
11ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1NB5BCvvKAc4IEEL

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 01 Apr 2021 11:25:55 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 2AA6 113 B
920 B 69ms
53ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c24977ac983c0112db73841d4e1917a53251753b070d39b7145123fc8498780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2AA6 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 891
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:04 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4943 400 B
671 B 11ms
11ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5DuSGKLgQBd/Lu9yqyW/lqXrQcCZxxXt8rO+HnTgTxXTmHASPqDzPaUvhml9N7J0ua6CQEjKRUMdRjU32Je83A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Thu, 25 Mar 2021 20:18:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Fri, 25 Mar 2022 20:18:51 GMT

GET
H2 200 -ofl1sj1niM.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 4943 477 KB
124 KB 11ms
11ms XHR
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/-ofl1sj1niM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

306259642e1ab99f0a099519f021ace7cacd1c98ae8b0e3ee5346616023eaa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: XtgNJdF6sYG94hQQzq7aKrLOhQZ7U8UMF73R2dHvE42mGJcFw0IGFdFYr20CL5j0Tjxcu69CLdGbTBZ6uB5J6A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: awQGc6luVUibXNvotnP4sw==
date: Tue, 30 Mar 2021 17:30:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126301
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 17:30:12 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame 8391 2 KB
2 KB 448ms
115ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4668425e87b3d03472239bab31d0e44d18ee608fdc4dfdbebdf9ccb969bcaf39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:25:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1349

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A0FD 183 B
411 B 169ms
124ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1e79a2ac62c043abde95de64891430aa206c7493

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Ftheweek.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 11:25:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 068f22528a181c7fdf937561c9d70f94
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 css
fonts.googleapis.com/ Frame D990 7 KB
1 KB 35ms
14ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:05:13 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3CDA 7 KB
730 B 33ms
15ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:00:11 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
274 B 45ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=427359010&_u=aGDACEADRAQCAG~&z=268097929

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 45ms
31ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54145327-1&cid=1777496210.1617276355&jid=427359010&_u=aGDACEADRAQCAG~&z=268097929

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F28B 97 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64334
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32714
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame F28B 33 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 13:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Sun, 27 Mar 2022 13:17:52 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F28B 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64267
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:34:48 GMT

GET
DATA 200
OK truncated
/ Frame F28B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhLbaMgiLtS6EhhaZDp2PmORlE_0LDX_fyYiiNRXw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F28B 3 KB
4 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhLbaMgiLtS6EhhaZDp2PmORlE_0LDX_fyYiiNRXw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

59b34eb4d63e9dbc6f5c1f16b5f2116149a0236a39189cdfac0117073ce23152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:13:55 GMT
x-content-type-options: nosniff
age: 720
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3473
x-xss-protection: 0
server: fife
etag: "v285"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Apr 2021 07:13:55 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/7AY_fsySKSA/ Frame F28B 19 KB
19 KB 27ms
7ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/7AY_fsySKSA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/7AY_fsySKSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f1e735e7aa9d891b41c9ff9e616016f2ab9bd817fb79dca1b4ae597a1904c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:24:47 GMT
x-content-type-options: nosniff
server: sffe
age: 68
etag: "1617231713"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19342
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:29:47 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D49A 113 B
160 B 39ms
39ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9235e24776676b8531b4e2f0906d0b09a29b309f7f0be051e514519b0eaaabfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D49A 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 891
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:04 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D150 7 KB
679 B 44ms
29ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:03:15 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6198 7 KB
1 KB 42ms
28ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:06:44 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F71B 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64334
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32714
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame F71B 33 KB
13 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 13:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Sun, 27 Mar 2022 13:17:52 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame F71B 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64267
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:34:48 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B7DA 7 KB
679 B 16ms
16ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:06:47 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D482 7 KB
679 B 20ms
20ms Font
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2900/13.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:00:26 GMT
server: ESF
date: Thu, 01 Apr 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 87ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185497-164226995996356.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 02 Apr 2021 11:25:55 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
244 B 54ms
21ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA&ct=4
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 92ms
30ms XHR
application/json 52.17.101.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185497&gdpr=1&gdpr_consent=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6f9cf248372db3e79653b40d79fd26d8943fc15d856badd6032d7e34cb0961d8

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theweek.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 01 May 2021 11:25:55 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 2AA6 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64334
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32714
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame 2AA6 33 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 13:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Sun, 27 Mar 2022 13:17:52 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 2AA6 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64267
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:34:48 GMT

GET
DATA 200
OK truncated
/ Frame 2AA6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnhLWZRu2mFcPXHvzrtChla7JG3UEr7Y8qb_LQiESQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2AA6 3 KB
3 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhLWZRu2mFcPXHvzrtChla7JG3UEr7Y8qb_LQiESQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4da3af22685cd41a5ab358abae1feca12168b35c9a7c7f921e0387a3fb0662f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 08:14:08 GMT
x-content-type-options: nosniff
age: 11507
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3048
x-xss-protection: 0
server: fife
etag: "v81"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Mar 2021 19:53:37 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/Cfnbf98kR-Q/ Frame 2AA6 32 KB
32 KB 37ms
23ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Cfnbf98kR-Q/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Cfnbf98kR-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec330ef73cfaa15152a5bdc8fb8460f39ecdfce0b747ed9b99a3f23880e7700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:45:47 GMT
x-content-type-options: nosniff
server: sffe
age: 2408
etag: "1616766614"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32288
x-xss-protection: 0
expires: Thu, 01 Apr 2021 12:45:47 GMT

GET
DATA 200
OK truncated
/ Frame F71B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnjH36FonAFpKEwWV3svN0HCML1V1nVe0rv5MovtoHk=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F71B 2 KB
2 KB 32ms
21ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjH36FonAFpKEwWV3svN0HCML1V1nVe0rv5MovtoHk=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

efa0893cbeee1fca1e3999d20dda03147246f0a6275b111fafa699fcf88f09f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:54:58 GMT
x-content-type-options: nosniff
age: 1857
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2039
x-xss-protection: 0
server: fife
etag: "vb834"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Apr 2021 06:54:58 GMT

GET
H3-Q050 200 sddefault.webp
i.ytimg.com/vi_webp/uJcchib4hCw/ Frame F71B 17 KB
17 KB 34ms
23ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/uJcchib4hCw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uJcchib4hCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5b483e0cea9e7b774a196c388bce8502aea246606aa6fe0eb7a6999eea06135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:24:49 GMT
x-content-type-options: nosniff
server: sffe
age: 66
etag: "1617244507"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17218
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:29:49 GMT

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame DAEB 113 B
160 B 44ms
39ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9122c9b6a1f5937e686c48e4a41fa8a22978bbb3cb238e86a387ae33b94bd04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DAEB 29 B
54 B 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 891
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:04 GMT

GET
H/1.1 200
OK button.75a79c54dcfc115f36a5bc654a4d6c25.js Show response
platform.twitter.com/js/ 7 KB
3 KB 13ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.75a79c54dcfc115f36a5bc654a4d6c25.js
Requested by: Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB0) /
Resource Hash: 97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6BB0)
Age: 1866931
Etag: "ba8d4b9e84a41a5e804e7520c9979b13+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2297

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
11ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJWm0EoLcgB1A43Z

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 01 Apr 2021 11:25:55 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame D49A 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64334
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32714
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame D49A 33 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 13:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Sun, 27 Mar 2022 13:17:52 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame D49A 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64267
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:34:48 GMT

GET
DATA 200
OK truncated
/ Frame D49A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnjD3DznsxZvLJsQhRWkophyg2XYqBFuNCxg4O9S9A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D49A 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjD3DznsxZvLJsQhRWkophyg2XYqBFuNCxg4O9S9A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abbba943556ec9ceb2a28a8ed710c06fe2a456d854722561d3c972b1bb81e1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:45:15 GMT
x-content-type-options: nosniff
age: 6040
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1819
x-xss-protection: 0
server: fife
etag: "v14a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Apr 2021 09:45:15 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/cxvRXWR9438/ Frame D49A 39 KB
39 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cxvRXWR9438/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c9cc88504fd9b37fc3eb6b846d9a3c409cf5b3760b2ef03ca2e115ff4c77d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1617230510"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40026
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:30:55 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame DAEB 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64334
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32714
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:33:41 GMT

GET
H3-Q050 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame DAEB 33 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 13:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 425283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Sun, 27 Mar 2022 13:17:52 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame DAEB 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 64267
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:34:48 GMT

GET
DATA 200
OK truncated
/ Frame DAEB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnjD3DznsxZvLJsQhRWkophyg2XYqBFuNCxg4O9S9A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DAEB 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjD3DznsxZvLJsQhRWkophyg2XYqBFuNCxg4O9S9A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abbba943556ec9ceb2a28a8ed710c06fe2a456d854722561d3c972b1bb81e1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:45:15 GMT
x-content-type-options: nosniff
age: 6040
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1819
x-xss-protection: 0
server: fife
etag: "v14a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Apr 2021 09:45:15 GMT

GET
H3-Q050 200 sddefault.jpg
i.ytimg.com/vi/jhMHNPH3upE/ Frame DAEB 29 KB
29 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jhMHNPH3upE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1f7ba07a695ae021e40bc75941778d5eed1fdaf057e61e06f78541cba44b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1617230959"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29988
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:30:55 GMT

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 8391 0
292 B 109ms
109ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:25:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 70ms
37ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e1ddbaa5656b81d691f281fff7f65b97344df9d138d33bf5decee8f04cbbae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "829 / 386 of 1000 / last-modified: 1617270103"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19790
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/446e05ae-f6f3-4517-8afb-d1009b455d80/ Frame 8391 285 B
437 B 53ms
18ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/446e05ae-f6f3-4517-8afb-d1009b455d80/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cafe8375fe772891a1cafce9de31e8fa2cd4ad22f28d500739d32d510f79ec16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 19:16:16 GMT
age: 73152
etag: "76e73c3a496b4a7051ba668d2d0244d0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 249

GET
H/1.1 200
OK follow_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html Show response
platform.twitter.com/widgets/ Frame A39D 36 KB
14 KB 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB0) /
Resource Hash: b633d59ced5ad19802402708ae117a19f8cd718df17441ac151d09882b333269

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://theweek.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1866931
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Apr 2021 11:25:55 GMT
Etag: "4e5e8687266ea3243e4e6eb1d5cc34ec+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB0)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13700

GET
H/1.1 200
OK tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html Show response
platform.twitter.com/widgets/ Frame 9E43 32 KB
13 KB 26ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB0) /
Resource Hash: f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://theweek.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1866930
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Apr 2021 11:25:55 GMT
Etag: "261ad3b11e174efa13458f601d8c2ebb+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB0)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12296

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 4943 67 B
761 B 31ms
31ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1617276355157&t_start=1617276355157&t_domcontent=1617276355464&t_layout=1617276355808&t_onload=1617276355808&t_paint=1617276355808&t_creport=1617276355808&t_tti=1617276355464&lid=6946149050255263100-0

Requested by

Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2b89ac5b6f0ba8%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jmhCWQSBnzF1quVGXRQUv1GeT/8J7APuHNonBUvFRhFiIywnqmfshd91EMcyipUbOvJE54XjCC+4ASDSQHIOQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Apr 2021 11:25:55 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F28B 4 KB
2 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame F28B 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?NDICdg
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/7AY_fsySKSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D49A 4 KB
2 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F71B 4 KB
2 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2AA6 4 KB
2 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:55 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame F71B 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?WhURqw
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/uJcchib4hCw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 2AA6 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?4vAJzA
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DAEB 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:25:56 GMT

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 8391 0
292 B 110ms
110ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:25:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 8391 117 B
416 B 504ms
176ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e459fc9cd0f986756c48e93c5fb7f2a1080173e1998046fe5859a2a56ea58274

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:25:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 8391 0
292 B 218ms
109ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:25:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/446e05ae-f6f3-4517-8afb-d1009b455d80/ 7 KB
8 KB 21ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/446e05ae-f6f3-4517-8afb-d1009b455d80/1_th.jpg?crop=402:226,smart&width=402&height=226&format=jpeg&quality=60&fit=crop
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de87bb5bb9c2badfafdb371fafa2a4277b37ad5bdddb3e51a5b2d1636b8a9885

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
age: 80213
etag: "2gWMy6BL4PXkvw2rMZGpTwZGGSzeBuBcNCQaAp3fKn4"
access-control-max-age: 86400
fastly-io-info: ifsz=76830 idim=2560x1440 ifmt=jpeg ofsz=7633 odim=402x226 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 7633

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame D150 77 B
437 B 46ms
46ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=194689&impression_id=YGWtwgMQCPwq82hQ-7oj-QAAAAI&adgroup_variant_ids=194689,206187,206073&smartad_variant_id=8161&device_type=computer&smartad_id=5948

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=60; includeSubDomains
content-length: 77
cf-request-id: 092ec7de1e00002014c492a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 639175a9cd552014-AMS
expires: Wed, 31 Mar 2021 11:25:56 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame D150 77 B
163 B 47ms
46ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=206187&impression_id=YGWtwgMQCPwq82hQ-7oj-QAAAAI&adgroup_variant_ids=194689,206187,206073&smartad_variant_id=8161&device_type=computer&smartad_id=5948

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=60; includeSubDomains
content-length: 77
cf-request-id: 092ec7de1e0000201400b60000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 639175a9cd562014-AMS
expires: Wed, 31 Mar 2021 11:25:56 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame D150 77 B
163 B 47ms
47ms XHR
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=206073&impression_id=YGWtwgMQCPwq82hQ-7oj-QAAAAI&adgroup_variant_ids=194689,206187,206073&smartad_variant_id=8161&device_type=computer&smartad_id=5948

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=5948
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=60; includeSubDomains
content-length: 77
cf-request-id: 092ec7de1e00002014c89fe000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 639175a9cd572014-AMS
expires: Wed, 31 Mar 2021 11:25:56 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame D49A 0
13 B 7ms
6ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?olrpGA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/cxvRXWR9438
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/cxvRXWR9438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame DAEB 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?xwCM1Q
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jhMHNPH3upE
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/jhMHNPH3upE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:56 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 0B94
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
572 B

14ms
13ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: theweek.com
URL: https://theweek.com/speedreads/975092/report-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB0) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://theweek.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1866932
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Apr 2021 11:25:56 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 03 Mar 2021 19:22:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB0)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 01 Apr 2021 11:25:56 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 01 Apr 2021 11:25:56 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: 068f22528a181c7fdf937561c9d70f94
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 119
x-transaction: 00934c53007847a1
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A39D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK /
eum-blue-saas.instana.io/ 0
190 B 35ms
35ms Other
text/plain 54.229.43.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-blue-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 01 Apr 2021 11:25:56 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

GET
H2 200 73647 Show response
api.omappapi.com/v2/embed/ 227 B
748 B 238ms
151ms XHR
application/json 65.9.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/73647?d=theweek.com
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:57 GMT
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: PRG50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 82807
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: rO-9WavAVM4QMj1HcR1_fm8Nv2mtSW-jpKph_RJigkSk_pmPPILL_Q==

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/13765220/ 0
400 B 218ms
218ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/13765220/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNVDSB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 11:25:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sun, 04 Apr 2021 11:25:57 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
650 B 186ms
142ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4oal&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Thu, 01 Apr 2021 11:25:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d0590e279c41477c635e214d15a10ba6
x-transaction: 0093fa59001abcf1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 6532 34 KB
13 KB 55ms
55ms Document
text/html 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=77423f0087d959346e87b8b1213c05a0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

767d33317b48b0ec3ad00793284eacb25904b528793809175498b93baa1ada92

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: c/WoCH/uBq9q0yq8sbCjtynMAk6AeK6/JN4RAn0QLoEW0KfQLorlz7GhZvMOeGSw3/OCuY7ouyZoE7KbOp9ygQ==
date: Thu, 01 Apr 2021 11:25:57 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3D4C 0
149 B 41ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=theweek.com&gdpr=1&gdpr_consent=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA

Requested by

Host: bypass.theweek.com
URL: https://bypass.theweek.com/js/5040ba6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=theweek.com&gdpr=1&gdpr_consent=CPD-L0kPD-L0kAGABCENBTCgAAAAAH_AABpYAAAPKAIMBAUAgCFsAAQIFCIQAAQhiQAAAAFBCIBQJIAMqgAWVwEdoIAACAxAQgAAgBBQgwCAAQCAJKAgBACwQCAAiAQAAgAEAIAAEJBILACwEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJQggGAgMgEACOAGWANQAdgBSwDeAJiAYEIgFABWAGWANQAdgBAAClgGsAOqAfIBgQkAGAA4Ac4CSwkBIABAAPAArACJAGWANQAfoBAAClgGKANYAbQA3gB8gExAJlAYEAwYKAEAB2AL4AYQCSw0A0AKwAywBqADsAIAAQUApYBrADeAHVAPkAioBgQcAEAA4BJYqASAI4AZYA1AB2AFLAN4AmIBgQDch0AoAHwAVgBqAD9ALEAXMAxQB1AF2gNEHgAwAVAEZASWQgEACOAGoAUMAxQB1AF2gNEAdqRABAAqAIySgEgAIAB4AG0ARIAwgDFAHUAXaA7UmABAIyUgDAFDALmAbQBWwC7QHalQAYAKgAfAJLA.YAAAAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theweek.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theweek.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 481
date: Thu, 01 Apr 2021 11:25:57 GMT
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=78047029&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftheweek.com%2Fspeedreads%2F975092%2Freport-manhattan-prosecutors-subpoena-bank-records-trump-organization-cfo&ul=en-us&de=UTF-8&dt=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blaize&ea=Page%20loaded&el=Group%20A%7CB%7CA%7Cnull%7CA%7CB%7CA%7CA%7CA%7CA&_u=aGjACEADRAQCAG~&jid=1273359548&gjid=1109973164&cid=1777496210.1617276355&tid=UA-54145327-3&_gid=1602138507.1617276358&_r=1&gtm=2wg3o0WNVDSB&cd4=20210331&cd5=News&cd6=Catherine%20Garcia&cd8=975092&cd12=speedread&cd52=speedread%2CNews&cd55=Report%3A%20Manhattan%20prosecutors%20subpoena%20bank%20records%20of%20Trump%20Organization%20CFO&cd81=1&cd82=3&cd83=0&cd84=1&cd85=null&cd86=57b24947-762d-4ac0-a8a5-08e3b39f9d8c&cd102=A%7CB%7CA%7Cnull%7CA%7CB%7CA%7CA%7CA%7CA&cd122=control&cd123=L&cd124=LLL&cd125=D210401%2FahQmbk6Qt4Wg%2BUx56VSRnQ6O9RAemvajCTJJDDFILw%3D&cd126=&z=1616983962

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:25:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54145327-3&cid=1777496210.1617276355&jid=1273359548&gjid=1109973164&_gid=1602138507.1617276358&_u=aGjACEADRAQCAG~&z=569890384

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Apr 2021 11:25:57 GMT
content-type: text/plain
access-control-allow-origin: https://theweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 6532 400 B
543 B 11ms
11ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5DuSGKLgQBd/Lu9yqyW/lqXrQcCZxxXt8rO+HnTgTxXTmHASPqDzPaUvhml9N7J0ua6CQEjKRUMdRjU32Je83A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Thu, 25 Mar 2021 20:18:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Fri, 25 Mar 2022 20:18:51 GMT

GET
H2 200 -ofl1sj1niM.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 6532 477 KB
124 KB 11ms
11ms XHR
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/-ofl1sj1niM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

306259642e1ab99f0a099519f021ace7cacd1c98ae8b0e3ee5346616023eaa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: XtgNJdF6sYG94hQQzq7aKrLOhQZ7U8UMF73R2dHvE42mGJcFw0IGFdFYr20CL5j0Tjxcu69CLdGbTBZ6uB5J6A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: awQGc6luVUibXNvotnP4sw==
date: Tue, 30 Mar 2021 17:30:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126301
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 17:30:12 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 6532 67 B
189 B 31ms
31ms Image
image/png 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1617276357792&t_start=1617276357792&t_domcontent=1617276357797&t_layout=1617276357811&t_onload=1617276357811&t_paint=1617276357811&t_creport=1617276357811&t_tti=1617276357797&lid=6946149062973202281-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=462337980564780&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfab805bbe475a4%26domain%3Dtheweek.com%26origin%3Dhttps%253A%252F%252Ftheweek.com%252Ff261438eb44138%26relation%3Dparent.parent&container_width=90&href=http%3A%2F%2Ffacebook.com%2Ftheweek&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ZvNINre2YtOvke2+LuUiKdOquZd6B8lRyWQtckSfAm6nV7RgRAvH5RoWv6wyBry4a4FK3A1XmelcEcVDGD4KMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Apr 2021 11:25:57 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK /
eum-blue-saas.instana.io/ 0
190 B 32ms
32ms Other
text/plain 54.229.43.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-blue-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 01 Apr 2021 11:25:59 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 8391 0
292 B 111ms
110ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:26:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK /
eum-blue-saas.instana.io/ 0
190 B 47ms
46ms Other
text/plain 54.229.43.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-blue-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theweek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 01 Apr 2021 11:26:04 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F28B 28 B
266 B 19ms
19ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/7AY_fsySKSA
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZ0hBYjQ4aTBXSSjC25aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617276355024&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqeERqyrgDqgzHu_M06o-3bmhucjsLfLYXqrmDBTEfGp4rsz0dsAPjhefBQkZQZxQGSwK_fvR9QaM-WviyNpCT0_n1vxg

Response headers

date: Thu, 01 Apr 2021 11:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:05 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2AA6 28 B
168 B 19ms
19ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Cfnbf98kR-Q
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZ0hBYjQ4aTBXSSjC25aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617276355133&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqGjKGw3mYcyIEmkhjVa_Q8gvkOzOK3HNBDCkowwWfSSPyONDlTxzOqSnysj_agxzoC1GJCNUSAXAHtUxr7Pp9MvL-SHg

Response headers

date: Thu, 01 Apr 2021 11:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:05 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F71B 28 B
168 B 19ms
19ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uJcchib4hCw
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZ0hBYjQ4aTBXSSjC25aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617276355077&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqdiB8RZf4L9aKDtl_Ba9XJnvX5x1f3KOJ2HzucOhyos1i32Qr8tMsNZxVntkMXTnsGhdV7V9ur8TnVh9QaMD1qsVA19A

Response headers

date: Thu, 01 Apr 2021 11:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:05 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D49A 28 B
125 B 30ms
29ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cxvRXWR9438
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZ0hBYjQ4aTBXSSjC25aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617276355325&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqRlPbQ9UzUkHdVyUfdnlo0cYsbqt8kFThE_c0XV2ai0dCpymbxOmVwY1Uzyl4fXy87_7UYm6AawRh_4zVpLJdXaufNZQ

Response headers

date: Thu, 01 Apr 2021 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:06 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DAEB 28 B
305 B 20ms
20ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jhMHNPH3upE
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZ0hBYjQ4aTBXSSjC25aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617276355444&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKqcAH_Y8tjX4mU3_KyyysDDIAkCG61Lz3uZdYZYre809yYCgJ6otDKZJrqbmFDIIZzhLVa1YG3EnYsEWgzzDvoo9LXkjg

Response headers

date: Thu, 01 Apr 2021 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:26:06 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 8391 83 B
398 B 178ms
178ms XHR
multipart/form-data 3.140.99.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=110954
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.99.218 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 59c85ee006962d0ff034fd769d72c25dca88c915691e79020e69903494f4d216

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 01 Apr 2021 11:26:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://theweek.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theweek.com/	1970-01-19 17:14:36	Name: _gat_UA-54145327-3 Value: 1
.theweek.com/	1970-01-20 10:45:48	Name: _ga Value: GA1.2.1777496210.1617276355
theweek.com/	1970-01-19 17:14:37	Name: _omappvs Value: 1617276357704
.theweek.com/	1970-01-19 17:16:02	Name: _gid Value: GA1.2.1602138507.1617276358
theweek.com/	1970-01-23 17:13:09	Name: _omappvp Value: iuPoQeTELwKHMR1OAFqxE5Aqx3jAZ93EhJ8M20k3kympannn6Hs72REsVP9fJ8yaRuVLZ1zpuVYZ0GPfuiKf9mQRk3KRkexQ

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VWGyH71-4DFYW5TXG9Z8DJ1MBW52hptB4pTknQN5LPbTk2-HwLV1-WJV7CgTs-W7xx-fM9cdz4VW7tlxDx2mZWZMW4zplRs5NL6ZfW3yY7w2711G7YW7yHT6C237z_FV7yQwy5fyXl9W4VTKL_2X9w3cW3jh6PM6dYRDXW6R_j__1SVBQtW4bbsQ_6ChvfTW3h0GgD992GFNW8PFKlr37kKZnW4WjvtM4llJXtW2Jwm_v7jpfs5N7tyJXNM3STXN75x7Vmq1TJ-W4RQPb25Y0Sw2W8D_Dkq392Q8cW8fPwbw8S7MZ_W1wN9hD5mnSpLW2KGlxq4zbyY_W7441QJ1h2P3nW8gGth96TjJ2_W6Jk0MV6cn1lLW6Y638k6XfNsLW1mkpQr24QslSW1DVy1f3g720sW4hGDRs5tm9Qg39LD1(Line 13) Message: toS
console-api	log	URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	error	URL: https://cdn.keywee.co/dist/analytics.min.js(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	warning	URL: https://cdn.permutive.com/5642074a-7820-46d3-a3d9-f26f3cc6e800-web.js(Line 1) Message: Permutive was not initialized. localStorage not supported
console-api	log	URL: https://ccpa.sp-prod.net/ccpa.js(Line 1) Message: CCPA script successfully executed.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060601(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://bypass.theweek.com/js/cd079ab.js(Line 1579) Message: new visitor
console-api	log	URL: https://dennis.blueconic.net/plugin/library/a62e20a7c3e8c337b12317ca9e4d8b0c(Line 1093) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://dennis.blueconic.net/plugin/library/a62e20a7c3e8c337b12317ca9e4d8b0c(Line 1088) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 465576534193662.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
ad.doubleclick.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.omappapi.com
api.rlcdn.com
be.durationmedia.net
btloader.com
bypass.theweek.com
c.amazon-adsystem.com
capi.connatix.com
ccpa.sp-prod.net
cd.connatix.com
cdn.blueconic.net
cdn.id5-sync.com
cdn.keywee.co
cdn.permutive.com
cdn.privacy-mgmt.com
cds.connatix.com
code.jquery.com
connect.facebook.net
d2ip7iv1l4ergv.cloudfront.net
datatracking.zeddit.com
dennis-co-uk.videoplayerhub.com
dennis.blueconic.net
entry.zeddit.com
eum-blue-saas.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
images.theweek.com
img.connatix.com
info.silobreaker.com
initiate.zeddit.com
js-sec.indexww.com
match.adsrvr.org
p.typekit.net
ping.chartbeat.net
pixel.keywee.co
platform.instagram.com
platform.twitter.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.durationmedia.net
theweek.com
use.typekit.net
vid.connatix.com
webcontentassessor.global.ssl.fastly.net
www.dennis.co.uk
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
yt3.ggpht.com
104.111.238.139
104.18.23.230
104.19.150.54
104.244.42.3
104.244.42.5
104.244.42.8
108.128.220.162
13.225.84.112
13.226.159.31
142.250.186.98
143.204.202.102
143.204.90.109
151.101.113.194
151.101.12.157
151.101.2.137
185.59.220.199
199.60.103.254
2001:4de0:ac18::1:a:3a
216.58.214.198
23.218.208.246
2600:9000:211e:6e00:10:ce97:9fc0:93a1
2600:9000:2127:0:18:1fcd:34e:d2a1
2600:9000:2182:1400:e:ec66:e40:93a1
2600:9000:2182:7a00:1f:10c0:9300:93a1
2600:9000:2182:7e00:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:587
2606:4700:20::681a:932
2606:4700:20::ac43:4686
2606:4700::6810:9df3
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2006
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba2a
2a02:26f0:7100:298::19fd
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a03:2880:f206:c4:face:b00c:0:43fe
2a03:2880:f206:e5:face:b00c:0:4420
3.140.99.218
3.208.245.103
34.120.133.55
34.192.127.138
34.230.209.106
35.197.249.251
46.105.202.126
52.17.101.63
52.24.19.130
54.229.43.10
65.9.58.110
65.9.95.127
65.9.96.113
02affd96a8972b933d7a3c2f7cd1398b512a95612103937c5579ef0bd423eff4
02e0b0463eb2612a8ead8e591f5081f45f11d3b675eb5eb4ff6a37a630104b6c
065aa86c1cd35d5a26995a5c4ab9d64575287610be13d53a806ea5b83bebb7e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f4620e714176aa75fb45953e276028060293202ad77dd0127e3b860458f0e73
109e2e3005bd7ded1c6da319eb033be395bc28cbfaa82718c3dd31e5b7a3597e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126811023686b5fccfb6f3b2ad92b05ee0fda717b3f9300c2040dc3849952ad4
13aab5ccbd47417b02f27e67ed2fb0d653d5afe77551781e37f218c8276aa875
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ed5f2fc1e66035303acba9525aeae50f4b303e9dc137c6e1ced3c240048dddd
1f62d0314c0c4e2d5c57dcb4f2892d86a4f6807d5ce7722f85b0c2b2f431130e
21d9f6ae6c202ad02b14a08371e97db262a0d8b36cc1eea6a4d57a9711846a89
23aa22be1a0ef6aabce05ab7817029e9d4a5b3eb92e5e485df2f2139e7cc6993
24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9
256fa88f13d6d977461dc8330ce70d9f231a93074aaebf6d592283133b8afb87
27e8bf0cb08c07b113b889a6cbe31b808d9909c2b5c7493b36def17292b9aee0
290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6
292ba4727425b25ed5f0d0dc7ef68566f384ab3354336430bf903786117313bc
2c7849a4c6bc737742805a252d0ed7a58883c4cce575000412887e3b814ca603
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
306259642e1ab99f0a099519f021ace7cacd1c98ae8b0e3ee5346616023eaa40
31f5d75e677ff91de18702505c7fbae693917d3901df4e4d54c83f1b3c775947
32aa621c6edb2ed1f409105a39384deba8e28bb0b8a0df30e59856d111511229
346aec395871633c6b8401a7ec46bc0063bc2c08f135d4cae8f5237ae611bc22
34764877071bc2e939cdebb3b3c1a44094a2d936bd72d6685148e5a3732373f9
371fde0bbbc1c422851eda09da8cf602a7aca10f93a95381219e9b85035af7ed
379f1358db0e9352a0dd7f76719a5e49aa399e6805a39c258f446da0b2b02a1d
380386116d8835e377b515878cc5297bf27cabe508f68c63148758e4e512df28
3886f930aa91aaf5b153cae9e472a64dd46841b782939f444da889e93e593001
3a9b532fb08cac21640e90def820adee960efcbbe198f136df925a5ea2e699be
3b4af16bc8d535eaa5923706be1899d9d5e40e33f32d1677dccbace56f70240d
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea822352510597efb126cd043ecd5d1226ce556be0110c0df5783d3d95378b1
425f1e735e7aa9d891b41c9ff9e616016f2ab9bd817fb79dca1b4ae597a1904c
42e93e94c1a969c480a74f2043d9a62f5741a9c1f6e0a82a13d3301a903bbde2
463bf4e6a836618bce271265951a46b461c3ba14c61508c4fc9f069fe5d972bc
4668425e87b3d03472239bab31d0e44d18ee608fdc4dfdbebdf9ccb969bcaf39
4b31b378f39c6defa128738b8c0074fb788cdc07c925fbcc0c44a444f4de9dda
4beebdb42ef98dccd2072fe2ec45fde764fe3681703ae40318ceb2fe72b0e642
4c39c9160c7938bf298f1233a4a890ca601bad50a896832c51e77878bd8d7e6b
4ccf9a204618cc3ba886b0a1f1cc8d4653b9b5f05940dcfeea888c0e8d63e6e7
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4da3af22685cd41a5ab358abae1feca12168b35c9a7c7f921e0387a3fb0662f5
4e218e3fc6a2cd4db7394de52429103322f41c7a35c978538cbc4e604eb703bf
4ec330ef73cfaa15152a5bdc8fb8460f39ecdfce0b747ed9b99a3f23880e7700
505f592cdecf6df413af2352c526396d5d3cd878e8fbbf693a242bd57e01d249
51a81ff5087d8ce810440d4ba5fc26db94dca3b0669746ef14f9e01385a6b995
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156
566bf8a98ae88b90d34c5c471560ea8d1c95665a9accb8bd28e09e70d3418d2c
56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
59b34eb4d63e9dbc6f5c1f16b5f2116149a0236a39189cdfac0117073ce23152
59c0e6efbedb896499ed0cec94884ab3607cfd9983b24f0d84bd3442a6c84f0c
59c85ee006962d0ff034fd769d72c25dca88c915691e79020e69903494f4d216
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5d1f7ba07a695ae021e40bc75941778d5eed1fdaf057e61e06f78541cba44b48
5ebe362f800324963fe80e32795e423caf853336bd6b45ea41c90c556c075bcc
60c9cc88504fd9b37fc3eb6b846d9a3c409cf5b3760b2ef03ca2e115ff4c77d6
65bccf88f88115be834c412f42124cef2d42f4ddcde9701fc1cd4310f89a8b4a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689734b713f5c4efded607636372e6a6718f2c445b3998c5ac71582cf7770d3e
6ae5bdb90e77274f7119f2c3705db3fc342ad30ff314099a61f433ce6e254dd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b895b19247913407e59afe926d0f7fcfee4a5f62e3c12f3396194583fd3df1c
6c24977ac983c0112db73841d4e1917a53251753b070d39b7145123fc8498780
6f9cf248372db3e79653b40d79fd26d8943fc15d856badd6032d7e34cb0961d8
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a
72f3481a60f056ba2dd9f54712d84ff709083e13b8e57eedf2e03f1922e368f4
742bf2f370e5a3b9bbbe3c8c872e406f05fa497d0acf19ef61524d372a179a24
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74f8c078fef6dd5a8efe492097c3a11e3a31b8ae0e210a477c4a3d70c7b9ac31
75afcd6252ef0c8bc32b634f48d86684d3d2fd9603256d726d3a6a632067a033
75e43e21ee560551967183393ca63d517306ef2c05705a4a35b85b779521cd0b
767d33317b48b0ec3ad00793284eacb25904b528793809175498b93baa1ada92
7a328c00667393c400f21f0913d72031313f0cbbe2cf9006dc41412bdae7bde2
7ba411a6589f2e1ea3d1b271780623ec046532feeebe3430b16dc78f9d8c29f7
7bc2dd5ff1dcabaa22e905cdc0ae742975ccd73711707a7fbc8f919e0dfed1a3
7f5125217d1ef16b021cc5c94724846ae2e0a9e899190172fb36160c03dbaf5a
80d6c143c04a206bcf05746be60152b9f4a2638e8dbfb8a84efd4fdf201fc185
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834b8273d56ef4cbd9d1bd45cd14621b52dcd372a6e1bcddfe2e3454d7658525
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851da3eb27f41fb96dd016aaf7e931f9205f95e2e934c51b016033eeb332903e
85fd4e012d34c3966e348add38d14ed4c272bbb0bd47bc35a0d0fc95c3573411
87503b0607e740f35c0db718c3f24b633a923217b9acec4f9a77ad485ca9dc4f
876b0e86f9b4ed7d924c72b345b6b88b2939d2fd67f34becf715954c0fbf519a
881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d
88f463df444c800ef20454f789edca3568e3d135d38d5094a106af4d1ac03f17
893fe0bf2a4faf85ea9d84fd60666789ad9dbb7080e6910f723e25e8c190e381
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8ae2d80dd86f277faf6648715e01b2114e01d8d8478924821ee816ad23ef9fea
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8c8a013afcc84b7d1fb30bdee502c2bf4cbad6491230c7c34e7518b0403c4698
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9122c9b6a1f5937e686c48e4a41fa8a22978bbb3cb238e86a387ae33b94bd04d
915efd9cf33dc57c8d02c6fcd87b2ecb19250785ee3824d89ae0a6cec732945a
92238bb4b1044267815facd2468ce7b449503438c2105443f31a8308c50d8d98
9235e24776676b8531b4e2f0906d0b09a29b309f7f0be051e514519b0eaaabfa
93b5ed083890da172d66e71d22afee08570a83ca5ae66c5d68b554a66ebe6a6c
9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6
97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a20a17cd7b49941206eed99fb28e073d98e9ed7c18fbf919f2e86b05de0f9f10
a2234bd16a4a55d6617c5ecd0023be8a570585b8d84df98c2a6c6a45d672b579
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a9030e5fd3da89699199107f3c0b560d3e864779722ff3236f37bcd585019a9c
aa7975863a60118324624e0c519edc0569dfabd46d0ba1a526665675301333d3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aad7e7a8eb8f10f277a21ed0cfef3cd2b51ff4020f464784c59b7f5bf82088ab
abbba943556ec9ceb2a28a8ed710c06fe2a456d854722561d3c972b1bb81e1cc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715
ad7cafdba8b70b965b4779feee9765a2bab49092ac08baadd8173fcd01e0e161
ae63a7be894f27f9b5f1aa32c0c198490c219a47066f0e3028318b31932bdede
ae9cad86f8b6139ac389de8bcfda669ce0687e8758a2c2907aeef9adc2cc3c97
b5f830ad89b4ee029c0583173e0086c6248d4d2c594ab866a084b57938597bdc
b633d59ced5ad19802402708ae117a19f8cd718df17441ac151d09882b333269
b727d608a9a74bfc425f201c41fbd4939e7c12dd14b2951e03b1b92847be3ed5
bd82f7ce5f8044a90cf1ae1da7e2e76b874df229c987d3c594a8258a948d2d47
beac9c8bb07c5342d3f859056b4475cfba189e9ea1041dd614a35719e229bfc7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c404f55745129a328b5afc09179541db419838e0c4ea479578a278e7872367b7
c5b483e0cea9e7b774a196c388bce8502aea246606aa6fe0eb7a6999eea06135
c72bceee168c719353adfd03a33787feabaadaabe3a99d10509fb5d546ca0d73
c74de3b3122a424d7bf1330e18e71444cc5377e06970eaf11a5e33e8899f75b7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cafe8375fe772891a1cafce9de31e8fa2cd4ad22f28d500739d32d510f79ec16
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6337910aabb01d11f6a02c8b4148d743539f2ecc399f6bb33b3bfc70cd5bb5
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2c31bb9c716d1e76e26a1b1ceb38e8e9b0157a867ff57b6469d3e360caa1994
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4cb59a08c7506ae78ad0a90e215e6461264003473ced6445afc86720e2f4b6
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de87bb5bb9c2badfafdb371fafa2a4277b37ad5bdddb3e51a5b2d1636b8a9885
debb0cf5b0dad0357738cccba85a1cdc04f251f5e99655cbda0c85323036b80b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1ddbaa5656b81d691f281fff7f65b97344df9d138d33bf5decee8f04cbbae8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e459fc9cd0f986756c48e93c5fb7f2a1080173e1998046fe5859a2a56ea58274
e822947648b73ae37994e5c67c567d09bcfcd1b55778030b4d700d1b3e4846a8
ec9fcf6b659410910ea85ede599a646224af9c17afed0c9f2a41a063876379f8
eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee0bdca3a9d5c8b84b33c8ed8df89a7bef61cef37aea30cae2680677cf565169
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef646c6efb9d0d0154b37742605cc70a052dfefb2c6bbe51efc62b6a4c0e472b
efa0893cbeee1fca1e3999d20dda03147246f0a6275b111fafa699fcf88f09f3
f17d275ee6e1c658258b1a2dbfa3e673e01b6b90e477e5258e03f28f04ea4ff8
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
f3c20f1080fd06449c2022d774d762c60a94c3c9a956363488228c02055260b9
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1
f95da8ee76b6c6af54fca542f681232b499da7b98457d80b79d2ad09f4300b9f
fc1f61d908bcfa1f811383221a48754fc7e6a47f30d2f574ec0fca7862cb1b35
ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41
ffa272cd7c67be28bb54afb5184deb64931a4f018890876020acbdbdbb0d7ea2

theweek.com Open in urlscan Pro 65.9.58.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

301 Requests

100 %HTTPS

52 %IPv6

49 Domains

73 Subdomains

66 IPs

7 Countries

6423 kBTransfer

21255 kBSize

5 Cookies

35 Outgoing links

Page URL History

Redirected requests

301 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theweek.com Open in urlscan Pro
65.9.58.110 Public Scan

Screenshot
Live screenshot

Full Image

301
Requests

100 %
HTTPS

52 %
IPv6

49
Domains

73
Subdomains

66
IPs

7
Countries

6423 kB
Transfer

21255 kB
Size

5
Cookies

301 HTTP transactions
6 data transactions