urlscan.io logo urlscan.io
SecurityTrails logo

biv.com Open in urlscan Pro
2620:12a:8001::2  Public Scan

Go To Rescan Add Verdict Report
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Submission: On October 31 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 8 countries across 37 domains to perform 131 HTTP transactions. The main IP is 2620:12a:8001::2, located in United States and belongs to FASTLY, US. The main domain is biv.com.
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.
This is the only time biv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2620:12a:8001::2 54113 (FASTLY)
19 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1a0... 200325 (BUNNYCDN)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 35.157.192.247 16509 (AMAZON-02)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
7 51.104.28.77 8075 (MICROSOFT...)
1 18.66.97.10 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 18.245.60.76 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
1 18.66.112.123 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 65.9.66.97 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.19.8.73 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
1 35.244.159.8 15169 (GOOGLE)
5 151.139.128.10 20446 (STACKPATH...)
1 78.140.185.31 35415 (WEBZILLA)
2 2a00:1450:400... 15169 (GOOGLE)
3 95.217.58.251 24940 (HETZNER-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
131 48
22    2620:12a:8001::2 (United States)

ASN54113 (FASTLY, US)
biv.com
19    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
securepubads.g.doubleclick.net
2    2400:52e0:1a01::999:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)
l.getsitecontrol.com
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    35.157.192.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-192-247.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserver.pressboard.ca
sr.studiostack.com
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com
1    2606:4700:4400::ac40:9bc4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.native.ai
2    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2606:4700:20::ac43:4761 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bugherd.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
biv.disqus.com
1    18.66.112.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-123.fra56.r.cloudfront.net
w.soundcloud.com
3    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2250:a000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com
1    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
9    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
5    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
tj6w5.flx10.com
k3vzn.flx10.com
1    78.140.185.31 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1c2-10-d2774-31.webazilla.com
cdn.ad.plus
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    95.217.58.251 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.251.58.217.95.clients.your-server.de
serving.stat-rock.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.plus
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
Apex Domain
Subdomains		 Transfer
22 biv.com
biv.com
600 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
357 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
159 KB
6 studiostack.com
sr.studiostack.com — Cisco Umbrella Rank: 46268
27 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
325 KB
5 flx10.com
tj6w5.flx10.com — Cisco Umbrella Rank: 113110
k3vzn.flx10.com — Cisco Umbrella Rank: 123943
118 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
www.googleapis.com — Cisco Umbrella Rank: 22
imasdk.googleapis.com — Cisco Umbrella Rank: 447
127 KB
4 google.com
ampcid.google.com — Cisco Umbrella Rank: 2931
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2977
9 KB
3 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 17174
4 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
709 B
3 google.de
ampcid.google.de — Cisco Umbrella Rank: 86280
www.google.de — Cisco Umbrella Rank: 6862
877 B
2 gstatic.com
fonts.gstatic.com
10 KB
2 ad.plus
cdn.ad.plus — Cisco Umbrella Rank: 129478
ad.plus — Cisco Umbrella Rank: 108241
109 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
31 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
px4.ads.linkedin.com — Cisco Umbrella Rank: 6003
1 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
168 KB
2 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 18442
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 soundcloud.com
w.soundcloud.com — Cisco Umbrella Rank: 16508
4 KB
1 disqus.com
biv.disqus.com
2 KB
1 bugherd.com
www.bugherd.com — Cisco Umbrella Rank: 19348
886 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 native.ai
cdn.native.ai
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
432 B
1 pressboard.ca
adserver.pressboard.ca — Cisco Umbrella Rank: 81416
788 B
131 37
Domain Requested by
22 biv.com biv.com
13 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
biv.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 sr.studiostack.com adserver.pressboard.ca
sr.studiostack.com
6 www.googletagservices.com biv.com
securepubads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 tags.srv.stackadapt.com biv.com
tags.srv.stackadapt.com
3 serving.stat-rock.com cdn.ad.plus
3 k3vzn.flx10.com tj6w5.flx10.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 fonts.googleapis.com biv.com
tj6w5.flx10.com
2 fonts.gstatic.com fonts.googleapis.com
2 tj6w5.flx10.com securepubads.g.doubleclick.net
tj6w5.flx10.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 www.google.com biv.com
tpc.googlesyndication.com
2 www.google.de biv.com
2 sb.scorecardresearch.com biv.com
2 snap.licdn.com biv.com
snap.licdn.com
2 connect.facebook.net biv.com
connect.facebook.net
2 www.googletagmanager.com biv.com
www.google-analytics.com
2 l.getsitecontrol.com biv.com
l.getsitecontrol.com
1 imasdk.googleapis.com cdn.ad.plus
1 ad.plus
1 cdn.ad.plus securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 region1.analytics.google.com www.googletagmanager.com
1 w.soundcloud.com www.googletagmanager.com
1 biv.disqus.com biv.com
1 www.googleapis.com biv.com
1 www.bugherd.com biv.com
1 ampcid.google.de www.google-analytics.com
1 www.facebook.com biv.com
1 ampcid.google.com www.google-analytics.com
1 cdn.native.ai biv.com
1 static.hotjar.com biv.com
1 adserver.pressboard.ca biv.com
1 px4.ads.linkedin.com biv.com
1 px.ads.linkedin.com 1 redirects
131 52
Subject Issuer Validity Valid
biv.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2023-03-07 -
2024-04-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-09 -
2023-11-07		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.pressboard.ca
Go Daddy Secure Certificate Authority - G2		 2023-02-13 -
2024-03-16		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-27 -
2024-04-26		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
bugherd.com
GTS CA 1P5		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.soundcloud.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-01-24 -
2024-02-25		 a year crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2022-11-16 -
2023-12-18		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
tj6w5.flx10.com
R3		 2023-09-26 -
2023-12-25		 3 months crt.sh
cdn.ad.plus
R3		 2023-10-08 -
2024-01-06		 3 months crt.sh
k3vzn.flx10.com
R3		 2023-09-26 -
2023-12-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
serving.stat-rock.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
ad.plus
E1		 2023-10-30 -
2024-01-28		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Frame ID: 4B476FDF6228E2052EC9F2795F766153
Requests: 85 HTTP requests in this frame

Frame: https://643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B1854E72EB1108E1E3B2F589E3CF94F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=biv.com
Frame ID: 1F417223C93BF84050B29BF0E50F7FC9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FA3740A9F59AABF29E72F96E9744BA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D70BE2BEB965335475CB643EFC812304
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 738FF07FD567E9C67BDC10D114977A19
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9ClLkWaYwHGEAhGIJtMBOqNVaW5sJbgJuD0iQJlHHP6T5emEOCWHklH2v7xkTxkPqKHr3FgemdmO6Ws6ip_y5lC91GsOqSyYlRSqMMQ5rytp6AeDYRC7162MM1YMK9IToKzcAHusPokAqHydpd7EFBcL12H0pzAMcaZGmzna0Eoo55t6TyRslecqeC5xuY9P9xxrmP0_Ar5T9p_fNZXG79ctuKzpvDR6mF0TesgzbiR27U2-DU2ENolVNHTpRVS9NeltkIw1TgUkqnLiePrV6nnx350Q5QyH_1WvQ92ynswy5jgjhCnHvtPmoYNu0ohJriBrT0J99cKrN1dymcPBn9rLKe8OW8wDrD6GOzU-D9HFQEW7bHNW_KYeEElURUmiEBdetF14GkeAK9wOe&sai=AMfl-YS4ES1omBQ0qxpcmhyKKHYVM7KJasrjaIj7UkhS807tm6_wc_n42xfUxYtUBcXRjlgr5QM9o6y1_JjbYZ9sQyHRiKkh0a4oxJQ-Uku7opkTW7RTtTmOLyQzqXQkSwpy9Lr8WvVfNzZ4Eu3CKY8r&sig=Cg0ArKJSzA5CjjK5K2AcEAE&uach_m=[UACH]&adurl=
Frame ID: B6F88937B16E5FE6A26621010BF207B9
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst47YfaA4J1ZrqcLU5lfr4i3kwIlvM5l7Up42bbZJ3zSZvc27vVsev90_c1NjLQZPSlwL1Ul8iyqJREhZgliLzI3trGlQ3jdBi4pmOiO6YJN6azGt1O2jxGDvHtEccAqFEjkwSfNpCDbDBOGntFRY_I6_mlSrq3Zl52ZZ3OM_x1vE61tTBuGL67v21M-2fOSlTcf8Rg0OUg86qgnkxfx00ga5Ej3m0C4iCPOsgAbVGo11-TIwc8Dd50Piho7h7WiHdRe2rxq_2e0F7B5eJFhjxKfIwP0fckhvrauHWwLFprBcF99HiSUNVoz17KshP32JnGdFm1DelVbRYlSU1JoJ660TT1-4UcGYzrSR5rFCc6UyFwUZotk3uIEFUrzCqkO92RrezFpKIYzzQ&sai=AMfl-YRTqzDysb02VaNdWABlCfLePitRFzI9mMn1Ems16vd2RPMgF-1DacbgKixr7kYRVLv6GjQVQAM27ouWT_PYhyqCgK_PqPAcBSPYAzAC_M-fjeNheHLjIKyqVJ_695Uc3XFeOb5a8pbiykSIFxms&sig=Cg0ArKJSzKLsh46BtXx0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F53328B49B7A05558B0924A25B3D977E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOrR8Aw_8ne3l3ghK03TW8msQZxye6_U7L3nhladBmM2Jxkz3i7ebZCr-hqe7YuHMqi2TzlgHBv0JXinFtmabT2DI8R7PJWh35IHBoBftsvb-PgCqMyiIgRrdso4v5V1yUXyzSbb6IFvFXuBBINErWHueQ4SDJFTbrvijnARRS09YvW_pzAuno0izz7QCRbD4oy_ANOvVYxX5BeeYy9b1lneX3Xu7RChYBBUIP4tyJwKpA1fq-STkU7Z3eBmHrwM9oQu1u_iaR64rSzYbvYyfZo5L1_xfJJNM28mgSuuu15vZf10fROgo5UuVUR0L6wrCLMxKENBEkPxArMoGEjLT4NrEAVXMPictjYjkQEExjkaA9LIW9JV86UMzZf64RtWSzH5GmuLZTbj_f0zict57u1oD2CHPU-k8TT_kuusxJSio_Qw&sai=AMfl-YT6SWMNgDczAqC3aKq85oRcaQsJ_KgJY8l3wvOJvo8O3jKmK6R2krLEaaxdKwq4EUXfQMbC8-_8smILk-ulcnGQWu2-Fp2hrscy-vDY7nb1fRyWf-q4teerOcIyxRJr-DnZSHJEgiAxWwhoDm2t&sig=Cg0ArKJSzA22sXm1eMmuEAE&uach_m=[UACH]&adurl=
Frame ID: 4C214B0EF7FFDCEB2E05F44001F4234E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAMf655wy60xODKdujI4Gl7rJJikiH2h5223J9jBC7Oqhnc_dQwT_s0MximMc41-4OGQDSlszavJrLiUQ4QuO-VGimQVej0pAeZepnE89R7mbpKhby6x9RVmg_oF3IqOZI85l4PxhGzptNA4Uhw3hVuWpC_FVhgq331lqkp0_dI_s7S6mod4pqgGRcJGQBdFm9WNiMX2COItBua-y4bqw3bKbCl66u0hUlWWVg8r6Mag2XuWWPwiZJMrhUo6jbiumIqhcliZD_xlUq-iysgz6SsUxxREjJqLg0Y4YKO2EkHzENWf0ZyPxg86KYPK-czb7hDi-mz8dZ6gApmG8XZbKvtnoM7b6NtENnDhmYdYGlFai60Pyr8RDmkjentApVeKcv5XOkELs197ryOjkQlFCGyMxQG_ypWh7C7o_leiIcqnrKdw&sai=AMfl-YQ2SUGIsn34QBlyBcjzshLCQgVFN4uaH8jYXwV7Bu0-HI4lyBMBqvVXqJV2lgVO8nK9WrVwWpck4fwKVsB5bSgV_9DVZjoQ2xWKhmiEmHZcEk_vtBwJVMep7z4opct1fWameHSY41cTwjOsUCMw&sig=Cg0ArKJSzBGyZWir6tKPEAE&uach_m=[UACH]&adurl=
Frame ID: 504248E46673708C67281A7F420F77A1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswnAal1bdSOhhckutudbJrZ9yuvaJ-X6K_6_KK2neDVxMI-rE0la4DuBloYJ7cb2kPncmVkkKNJ1oCUnmqLz52ywknB_EbGw6TWIABTu0yedtBzf1yv8VEG_PEyxJMPKbEVNllnf6x0RpPpunwSPdjNbSxWlxazsqW-2SsgKS8eic4in_HdY3fZW39NnUr-GTsxp47IG-OULFoppVZzT-DiPOrmgDTGSNA43cbOnkcUK-fu6L7G92fOaIJ6A5k_GTu1R6YNP5WbC4fYaDuQ6aGSR6NEKzNQ5F1YLJgeUEPZAFv7ONKX4t7EEbtnm9DLZnkVfQntmAYWdqW9npnktNpy_vUX7NYlNnfwXxqlNsIbU99Xj9UD-W0XG08lhFAqhFgaX_voQ&sai=AMfl-YT6pdkHvKpX2VDXYIhWkUlG-BiKWJ2OjGxGGSsw9CS5SwcKlCtRNk-I7SpRHMK9YM1yK17ixRrwVDRYQwe-_r3Bjgb-ZLMrc_V8PeMNEGQKmzsibTxJJTi96XY9ClN0ImFAfm9REr6eWEMm2WSh&sig=Cg0ArKJSzGRDVilpUtX6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 56E22BBB3156C1F4B4F573E3DF1D5281
Requests: 9 HTTP requests in this frame

Frame: https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Frame ID: 48B75579A841FD4F345993CAB8A042A5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ivanhoe responds to allegations of corruption in DRC - Resources & Agriculture | Business in VancouverShare-ArrowFacebook-DarkLinkedinTwitter

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

131
Requests

98 %
HTTPS

63 %
IPv6

37
Domains

52
Subdomains

48
IPs

8
Countries

2228 kB
Transfer

5212 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&e_ipv6=AQKc9qgrnO8howAAAYuEXYU9b00aX_8Mbj0jJcufMY0UWVnLHSVKjIpNCjNhMDEP
Request Chain 79
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp&cc=1
Request Chain 83
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=biv.com&sn=ChromeSyncframe&so=0&topUrl=biv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=MgdPu3x5bmRkb3VRZGhKdngrTm4xSzdRYnd6NmE1ZVFHaWpadGorSjJ4Rjc5T01lMVBvbTdKZWpSSXRacGR0QnFScklpcmZDbTdWQXlKeVFDZ1dRS3BIVCtoY08zUXdjbllrQmtKSDZ3TXR1SVNaamFWbDljbWJXUXFrbjJHbmx3OUQ5UUpWWlhoeTlRdHcyWHFkbzJmS3VVdnRNSXBKMmRDck9wZDBjdEhYdWllRzJzVkUycXMwaU53d3pwbGxvTjQvRzJQNHNpcmVETFdkRC9jNWQ1WTZpZkNYMzZMeTdtVjd5ZTZXckRKVjhBRWF3U0hIMjQwM2pnL21vRmtSdmZYTG1ZRU54TmhRT0RSajhtMFpsN09GcTRpdz09fA&cppv=2

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ivanhoe-responds-allegations-corruption-drc
biv.com/article/2022/12/ 		68 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6422c0cd2896da46b01bf3d520b634e2277d7393b1916aa19c143fa1fe42164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
732
cache-control
max-age=3600, public
content-encoding
gzip
content-language
en
content-length
19283
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 06:13:22 GMT
etag
W/"1698732070"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 31 Oct 2023 06:01:10 GMT
link
<https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc?amp> rel="amphtml"
server
nginx
vary
Accept-Encoding, Cookie, Cookie, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
3, 0
x-content-type-options
nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-qxtch
x-served-by
cache-chi-klot8100027-CHI, cache-maa10221-MAA
x-styx-req-id
e3a6e3e6-77b2-11ee-906c-de28c096e1c1
x-timer
S1698732802.437518,VS0,VE247
x-ua-compatible
IE=edge
css_GpvjeKUfy3u4AlgpYap3CUERjgE6wDCswiNFwgUz_Uc.css
biv.com/sites/default/files/css/ 		51 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/css/css_GpvjeKUfy3u4AlgpYap3CUERjgE6wDCswiNFwgUz_Uc.css?s38xtf
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a9be378a51fcb7bb802582961aa770941118e013ac030acc22345c20533fd47

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:02 GMT
date
Tue, 31 Oct 2023 06:13:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-b566db499-nx9qc
age
223939
x-cache
HIT, HIT
content-length
13850
x-served-by
cache-chi-klot8100119-CHI, cache-maa10221-MAA
last-modified
Tue, 03 Oct 2023 14:33:08 GMT
server
nginx
x-timer
S1698732803.872882,VS0,VE1
etag
W/"651c2624-cdaa"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
31c55caa-75ab-11ee-af59-fa8b14041b30
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
3, 1
css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css
biv.com/sites/default/files/css/ 		183 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d81df1f9ad09534c040d534e3821b76b516b2b08e89f36ff0110e941436ab247

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:02 GMT
date
Tue, 31 Oct 2023 06:13:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-b566db499-w998v
age
223940
x-cache
HIT, HIT
content-length
33443
x-served-by
cache-chi-klot8100149-CHI, cache-maa10221-MAA
last-modified
Tue, 03 Oct 2023 14:33:06 GMT
server
nginx
x-timer
S1698732803.873078,VS0,VE1
etag
W/"651c2622-2dd85"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
31c51857-75ab-11ee-add3-9abff781c08d
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
css_n4lBEA5Z4wCFL2bJoi5-rwLkL66LN65F3k28dmr3zSs.css
biv.com/sites/default/files/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/css/css_n4lBEA5Z4wCFL2bJoi5-rwLkL66LN65F3k28dmr3zSs.css?s38xtf
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f8941100e59e300852f66c9a22e7eaf02e42fae8b37ae45de4dbc766af7cd2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-b566db499-w998v
age
223939
x-cache
HIT, HIT
content-length
992
x-served-by
cache-chi-klot8100025-CHI, cache-maa10221-MAA
last-modified
Tue, 03 Oct 2023 14:33:07 GMT
server
nginx
x-timer
S1698732803.873587,VS0,VE1
etag
W/"651c2623-bb4"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
31c8d527-75ab-11ee-add3-9abff781c08d
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
4, 1
js_K3PGwmvNJ8jmCtWJSouGlZo57Nj5cHBFq11XCRe_eWo.js
biv.com/sites/default/files/js/ 		112 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/js/js_K3PGwmvNJ8jmCtWJSouGlZo57Nj5cHBFq11XCRe_eWo.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b73c6c26bcd27c8e60ad5894a8b86959a39ecd8f9707045ab5d570917bf796a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Wed, 23 Oct 2024 14:20:59 GMT
date
Tue, 31 Oct 2023 06:13:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-zmwcp
age
223939
x-cache
HIT, HIT
content-length
45319
x-served-by
cache-chi-klot8100120-CHI, cache-maa10221-MAA
last-modified
Mon, 23 Oct 2023 14:20:29 GMT
server
nginx
x-timer
S1698732803.873570,VS0,VE1
etag
W/"6536812d-1bf95"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
634ee451-71af-11ee-86e6-0667faf37296
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
35, 1
gpt.js
www.googletagservices.com/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0309254a2d5955ce2037d5d8981beb0d1e28a06b50a28a1d192fea2b54a5909a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29792
x-xss-protection
0
server
cafe
etag
785 / 19661 / 31079180 / config-hash: 9617840091010596719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:23 GMT
present.svg
biv.com/themes/custom/biv/images/ 		1 KB
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/themes/custom/biv/images/present.svg
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
594395406053a257cc775041fab878f00a41873f1c0027f9f1b88c8384044dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-z9lqd
age
223940
x-cache
HIT, HIT
content-length
681
x-served-by
cache-chi-klot8100143-CHI, cache-maa10221-MAA
last-modified
Fri, 27 Oct 2023 21:00:29 GMT
server
nginx
x-timer
S1698732803.873554,VS0,VE1
etag
W/"653c24ed-4b4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
31f6dfe1-75ab-11ee-aa81-f636afd66674
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
9, 1
css_bw_48veapHDtGDHNNQMyLTdGjFGhrFu6nxTg85LeCV8.css
biv.com/sites/default/files/css/ 		293 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/css/css_bw_48veapHDtGDHNNQMyLTdGjFGhrFu6nxTg85LeCV8.css?s38xtf
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f0ff8f2f79aa470ed1831cd3503322d37468c51a1ac5bba9f14e0f392de095f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-b566db499-drgrc
age
223940
x-cache
HIT, HIT
content-length
172
x-served-by
cache-chi-kigq8000035-CHI, cache-maa10221-MAA
last-modified
Tue, 03 Oct 2023 14:33:06 GMT
server
nginx
x-timer
S1698732803.338450,VS0,VE1
etag
W/"651c2622-125"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
31e4dd5c-75ab-11ee-a160-72fc6003273f
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
5, 1
biv-resources-agriculture.svg
biv.com/sites/default/files/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/biv-resources-agriculture.svg
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45068adc3a9729e99f5950563f014d5060ac2bea681966e90ffc3ac5022ed1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Fri, 20 Sep 2024 14:03:05 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-65f885485-62cmk
age
223701
x-cache
HIT, HIT
content-length
1435
x-served-by
cache-chi-klot8100077-CHI, cache-maa10221-MAA
last-modified
Fri, 20 Dec 2019 00:41:11 GMT
server
nginx
x-timer
S1698732803.337928,VS0,VE2
etag
W/"5dfc18a7-cd2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
6b53d696-57be-11ee-b066-1e8ef206825b
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
farmfarmersfarmhandcarlosbezz-moment-gettyimages.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-05/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-05/farmfarmersfarmhandcarlosbezz-moment-gettyimages.jpg?h=ea06172a&itok=3VhVQrML
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fd4cdb4acdd216cd89f8adde02bf0efb9b0c19de093c6da893abbd92c30385f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-b855dbfb-vzqwq
date
Tue, 31 Oct 2023 06:13:22 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 16 Oct 2024 21:37:43 GMT
age
4379
x-cache
HIT, HIT
content-length
45457
x-served-by
cache-chi-klot8100149-CHI, cache-maa10221-MAA
last-modified
Mon, 08 May 2023 17:15:19 GMT
server
nginx
x-timer
S1698732803.893416,VS0,VE2
etag
"64592e27-b191"
content-type
image/jpeg
x-styx-req-id
3d457591-6c6c-11ee-bd88-962b8604e781
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
9, 1
village-farms-pure-sunfarms-cannabis-grower-delta-bccreditdeltaoptimistfilephoto.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-10/village-farms-pure-sunfarms-cannabis-grower-delta-bccreditdeltaoptimistfilephoto.jpg?h=00640a3b&itok=ZC9MAQql
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22158f5f86795d3ab0527e1791309efef988a86a57c16daf548fb1a81cc5ef2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-qxtch
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2024 23:30:59 GMT
age
24143
x-cache
HIT, HIT
content-length
36677
x-served-by
cache-chi-klot8100160-CHI, cache-maa10221-MAA
last-modified
Mon, 30 Oct 2023 23:30:51 GMT
server
nginx
x-timer
S1698732803.322256,VS0,VE12
etag
"65403cab-8f45"
content-type
image/jpeg
x-styx-req-id
6206c32e-777c-11ee-906c-de28c096e1c1
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
12, 1
donnie-creek-5creditbcwildfireservice.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-07/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-07/donnie-creek-5creditbcwildfireservice.jpg?h=560b4702&itok=LtkpBhod
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92d8e836e51c4440c1cd1cd705467344e5a515233385daa34972a00be9149ea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-wfchp
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2024 23:10:12 GMT
age
25391
x-cache
HIT, HIT
content-length
47199
x-served-by
cache-chi-kigq8000067-CHI, cache-maa10221-MAA
last-modified
Thu, 06 Jul 2023 20:30:34 GMT
server
nginx
x-timer
S1698732803.337489,VS0,VE2
etag
"64a7246a-b85f"
content-type
image/jpeg
x-styx-req-id
7a9fbbfe-7779-11ee-a133-a2148ff1a959
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
12, 1
san-jose-silver-mine-creditfortunasilver.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-10/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-10/san-jose-silver-mine-creditfortunasilver.jpg?h=73036c1c&itok=qfhPeofq
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1fcae3d8db5f251766244e1bae58a5eceedb7ed01db4ed8a36382524c5b8f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-wfchp
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2024 23:00:24 GMT
age
25979
x-cache
HIT, HIT
content-length
41329
x-served-by
cache-chi-kigq8000067-CHI, cache-maa10221-MAA
last-modified
Mon, 30 Oct 2023 23:00:08 GMT
server
nginx
x-timer
S1698732803.337976,VS0,VE3
etag
"65403578-a171"
content-type
image/jpeg
x-styx-req-id
1bfe3454-7778-11ee-a133-a2148ff1a959
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
18, 1
tiffmacklem2creditchungchow.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-09/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-09/tiffmacklem2creditchungchow.jpg?h=8de098cb&itok=uK_DW_D5
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c622c12e8824623770bcd32322a451ca6a2f3ca8322c587ad878a97a1f7f4a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-x5gbq
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2024 19:03:23 GMT
age
40199
x-cache
HIT, HIT
content-length
20218
x-served-by
cache-chi-klot8100097-CHI, cache-maa10221-MAA
last-modified
Wed, 20 Sep 2023 18:30:20 GMT
server
nginx
x-timer
S1698732803.338689,VS0,VE2
etag
"650b3a3c-4efa"
content-type
image/jpeg
x-styx-req-id
ffe87546-7756-11ee-b8a1-ce38f14dafbc
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
28, 1
190123-bchydrobldg-038.jpg
biv.com/sites/default/files/styles/image_footer/public/2019-02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2019-02/190123-bchydrobldg-038.jpg?h=e81cc236&itok=OKGWiWGK
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c010622fb0f81dc3f3b1e7d3f9f662c4502e0d1c0c9440b1bc0336c314fb0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-a-74d4fcf988-n7mf7
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Fri, 18 Oct 2024 12:00:14 GMT
age
29592
x-cache
HIT, HIT
content-length
26204
x-served-by
cache-chi-klot8100095-CHI, cache-maa10221-MAA
last-modified
Fri, 20 Dec 2019 00:41:20 GMT
server
nginx
x-timer
S1698732803.338780,VS0,VE2
etag
"5dfc18b0-665c"
content-type
image/jpeg
x-styx-req-id
e5dc3023-6dad-11ee-9c65-be9e5649fd7b
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
4, 1
vacancyrentrentalvictoriacreditdarrenstonetimescolonist.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-10/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-10/vacancyrentrentalvictoriacreditdarrenstonetimescolonist.jpg?h=5ad91f01&itok=KBdczFD9
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b200c3dadfbd0d6a2a92f00221ee0a4ed958b56cbd0f6cb671fb7da9b967dc64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-a-74d4fcf988-789km
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Sat, 12 Oct 2024 15:45:09 GMT
age
31030
x-cache
HIT, HIT
content-length
59282
x-served-by
cache-chi-klot8100097-CHI, cache-maa10221-MAA
last-modified
Thu, 12 Oct 2023 15:45:07 GMT
server
nginx
x-timer
S1698732803.338587,VS0,VE2
etag
"65281483-e792"
content-type
image/jpeg
x-styx-req-id
52fae7b5-6916-11ee-ba43-1e59a77309de
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
47, 1
childcarelourdesbalduque-moment-gettyimages_0.jpg
biv.com/sites/default/files/styles/image_footer/public/2023-04/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/image_footer/public/2023-04/childcarelourdesbalduque-moment-gettyimages_0.jpg?h=ea06172a&itok=z_JqYP40
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92c1f992ddb36e99d52dc8c5555a21f1200d7bbc400dd10819c1758bbcc31f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-q4sps
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2024 20:30:06 GMT
age
34997
x-cache
HIT, HIT
content-length
24797
x-served-by
cache-chi-kigq8000031-CHI, cache-maa10221-MAA
last-modified
Thu, 13 Jul 2023 23:00:06 GMT
server
nginx
x-timer
S1698732803.338435,VS0,VE2
etag
"64b081f6-60dd"
content-type
image/jpeg
x-styx-req-id
1cb1ed96-7763-11ee-8de3-b27325ed2062
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
26, 1
k4ydk9r4.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/k4ydk9r4.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::999:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-999 /
Resource Hash
86d3ad61a152ba18ac3f576c8d24b0415a59337380d159bb1da2a283ff4971d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
br
cdn-edgestorageid
1108
x-amz-request-id
0TQ5YTVAB239V08A
x-amz-server-side-encryption
AES256
cdn-cachedat
06/19/2023 21:15:20
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
ZnTYaWwDqqJJ5fXKtXurn+SfmxAYbqG4BuTnmrGjf+1aXYUBJgsw2YRdQAwrPrV5VsU9S7VTag0=
last-modified
Wed, 05 Apr 2023 19:51:57 GMT
server
BunnyCDN-LA1-999
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"85c4459c63f369856237e319dafeadc3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
cc9041c702616aab786f1eef7b0f2d94
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
js_GrjRLjDvyYr9DF6H2Gaopp9sH9TerEP6lMfd578-C60.js
biv.com/sites/default/files/js/ 		176 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biv.com/sites/default/files/js/js_GrjRLjDvyYr9DF6H2Gaopp9sH9TerEP6lMfd578-C60.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ab8d12e30efc98afd0c5e87d866a8a69f6c1fd4deac43fa94c7dde7bf3e0bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Wed, 23 Oct 2024 14:20:59 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-xjw5d
age
223940
x-cache
HIT, HIT
content-length
62997
x-served-by
cache-chi-kigq8000156-CHI, cache-maa10221-MAA
last-modified
Mon, 23 Oct 2023 14:20:30 GMT
server
nginx
x-timer
S1698732803.337962,VS0,VE2
etag
W/"6536812e-2be2a"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
637cb4cd-71af-11ee-8152-2ab7e83c5d08
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
36, 1
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind+Madurai:300,400,600,700|Cormorant+Garamond:300,400,600,700
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ff0c75ed984f7214d12d0fe9512fd05809317909f0eb3394c15f0ed385c8a24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 06:13:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 06:13:23 GMT
gtm.js
www.googletagmanager.com/ 		252 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MZHN5X
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2a4a48f182cfbb414b7fed8f9ab781c6744640d7e730955c835661b5640f82f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87921
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 06:13:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 06:13:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RFyJz6QjmWHgzZHifdNtYLN/iPTiNxmdGfW6MFrerPHDuRYwxRl7DKHpTr+22SLNtjT+9ttXkmMr81u4oWc6/g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Oct 2023 07:29:34 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=64872
accept-ranges
bytes
content-length
3855
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.192.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
49ede87f12c94c6ca43185c9cae029160f5c8e2031e6f89610c2426960bdc9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Oct 2023 06:13:23 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
chevron-down.svg
biv.com/themes/custom/biv/images/ 		887 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/themes/custom/biv/images/chevron-down.svg
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7d87d116a990bbeb69232de9bc7b3a1aa6e1ba045757e1507ed14ed0ff1d3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-g479b
age
223939
x-cache
HIT, HIT
content-length
539
x-served-by
cache-chi-klot8100067-CHI, cache-maa10221-MAA
last-modified
Sat, 28 Oct 2023 01:39:10 GMT
server
nginx
x-timer
S1698732804.504486,VS0,VE1
etag
W/"653c663e-377"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
3217ef3a-75ab-11ee-890a-e6d4e3da3918
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
8, 1
FranklinGothic-Book-webfont.woff
biv.com/themes/custom/biv/css/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biv.com/themes/custom/biv/css/fonts/FranklinGothic-Book-webfont.woff
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e7b87cb5543acb4be16bb91434272def2f32a66d8b41004d85e127eb6c048cf

Request headers

Referer
https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Origin
https://biv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-j4crj
age
223940
x-cache
HIT, HIT
content-length
29972
x-served-by
cache-chi-klot8100165-CHI, cache-maa10221-MAA
last-modified
Fri, 27 Oct 2023 21:00:29 GMT
server
nginx
x-timer
S1698732804.504448,VS0,VE2
etag
"653c24ed-7514"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
320cb117-75ab-11ee-aef7-b2c49ea2098e
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
10, 1
FranklinGothic-Demi-webfont.woff
biv.com/themes/custom/biv/css/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biv.com/themes/custom/biv/css/fonts/FranklinGothic-Demi-webfont.woff
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e3aee4232b44aacbd9dd0ca2721ddabd2dba90ab40aa8faa9f3b4854a826a2d

Request headers

Referer
https://biv.com/sites/default/files/css/css_2B3x-a0JU0wEDVNOOCG3a1FrKwjonzb_ARDpQUNqskc.css?s38xtf
Origin
https://biv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Mon, 28 Oct 2024 16:01:03 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-b566db499-w998v
age
223940
x-cache
HIT, HIT
content-length
29148
x-served-by
cache-chi-kigq8000077-CHI, cache-maa10221-MAA
last-modified
Sat, 28 Oct 2023 01:39:10 GMT
server
nginx
x-timer
S1698732804.504421,VS0,VE1
etag
"653c663e-71dc"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
3208f585-75ab-11ee-add3-9abff781c08d
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
11, 1
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=35209
accept-ranges
bytes
content-length
3272
1892893427457069
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1892893427457069?v=2.9.135&r=stable&domain=biv.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33eef166f8e6c053dcceb061fbb3070df9a3efa298c23d7c4cc74a4d82f8df09
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 06:13:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
FLaGJ1djdZyE5A2fvcPviVXu843R5ble1vq8+m7lwa7HIcRa3pXIt0Jk7zJoMATbC/N5GRMjRXdSNiedrVGM2w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&e_ipv6=AQKc9qgrnO8howAAA...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&e_ipv6=AQKc9qgrnO8howAAAYuEXYU9b00aX_8Mbj0jJcufMY0UWVnLHSVKjIpNCjNhMDEP
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8C4E3058A17D4D8A93AB7DBF9FDC13C2 Ref B: FRAEDGE1913 Ref C: 2023-10-31T06:13:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYI/Q1TT/oVUykdNSypkw==

Redirect headers

date
Tue, 31 Oct 2023 06:13:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B21B732889104FAC8D2AD5167D903498 Ref B: FRAEDGE2010 Ref C: 2023-10-31T06:13:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4249324&time=1698732803288&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&e_ipv6=AQKc9qgrnO8howAAAYuEXYU9b00aX_8Mbj0jJcufMY0UWVnLHSVKjIpNCjNhMDEP
x-li-proto
http/2
content-length
0
x-li-uuid
AAYI/Q1QZvVXXWA9gq12Wg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZHN5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 05:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1311
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 07:51:32 GMT
embedder
adserver.pressboard.ca/v3/ 		350 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserver.pressboard.ca/v3/embedder?media=20074
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
853025403b31a8a58b01f17aafc8e6bb487ca624b9713ad81df38437df05fc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Tue, 31 Oct 2023 06:13:23 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
350
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
hotjar-3397.js
static.hotjar.com/c/ 		0
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3397.js?sv=6
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
YwvGiZZvJB81um2YIApbhdR66mUIksVWD5JM8bR4SrdNSk6IuMSZ9g==
nativeai.js
cdn.native.ai/js/current/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.native.ai/js/current/nativeai.js?1698278400000
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:14:44 GMT
content-encoding
gzip
via
1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
3520
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
0sluU2G1u94zTmY6NsxQWOv_P5zohG1G04zIieDuYaopGDHhpt0ECg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
48377
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Oct 2024 16:47:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=biv.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a3e4cb2b1a6aa9f6d109d500b563f64a2d41d45890d5cf85de9b52283571eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:23 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://biv.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=12982857&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698732803374&ns_c=UTF-8&c7=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&c8=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&c9=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
J3IMPg_jfrUfHgPyjGNwZYWW6kOodx2XLQqrUxSuIQ1PKLDRAIF2HQ==
x-cache
Miss from cloudfront
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.192.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
df2db24627d3ae386f88ca9b731b1eb2c7ada1a09223a8a5c9fce2636be9efbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Oct 2023 06:13:23 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.192.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Oct 2023 06:13:23 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1892893427457069&ev=PageView&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rl=&if=false&ts=1698732803396&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698732803395.702735178&ler=empty&it=1698732803285&coo=false&rqm=GET
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 31 Oct 2023 06:13:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://biv.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
sidebarv2.js
www.bugherd.com/ 		18 B
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bugherd.com/sidebarv2.js?apikey=sp0zxfszdu63miatgmigxa
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4761 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd2e54a09b38c31cfc153f973ede5db1e36de8090b1f8841fd264be362ec0ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
content-encoding
br
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1698732803&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=hPNXsREU1Xnglkt3Qux3VTkKlZybyxLpg%2FO5eojy7Cs%3D
x-request-id
213a9503-28c4-4bd1-ad3f-08783e8ada2a
x-runtime
0.006387
referrer-policy
origin
server
cloudflare
etag
W/"ffbfa23c39bcb9bb1a5ac13018b962bf"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698732803&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=hPNXsREU1Xnglkt3Qux3VTkKlZybyxLpg%2FO5eojy7Cs%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
81e9c075fd543672-FRA
videos
www.googleapis.com/youtube/v3/ 		465 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/youtube/v3/videos?id=&key=AIzaSyB8V0FBEYtu_-zvN97RX5nOxbclKwD-BPA&part=contentDetails
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/js/js_K3PGwmvNJ8jmCtWJSouGlZo57Nj5cHBFq11XCRe_eWo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://biv.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-xss-protection
0
count.js
biv.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biv.disqus.com/count.js?_=1698732803223
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/js/js_K3PGwmvNJ8jmCtWJSouGlZo57Nj5cHBFq11XCRe_eWo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 06:13:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
286
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 30 Oct 2023 14:29:34 GMT
Server
nginx
ETag
"653fbdce-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
7HNQ0ZcdP_r37woz_YcUhTm0HPPcc9sHG9UAajLtOwt9Am_p5LR2Mg==
robertfriedland-amescreengrab.jpg
biv.com/sites/default/files/styles/media_image/public/2021-01/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biv.com/sites/default/files/styles/media_image/public/2021-01/robertfriedland-amescreengrab.jpg?h=30e6e3a4&itok=SGX9rP2M
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df104fb622f5998b3646168d246d9a03c36c8e2490340ea1c9735f7a416d461d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-b855dbfb-4jjdc
date
Tue, 31 Oct 2023 06:13:23 GMT
via
1.1 varnish, 1.1 varnish
expires
Sun, 06 Oct 2024 00:38:31 GMT
age
55204
x-cache
HIT, MISS
content-length
69477
x-served-by
cache-chi-kigq8000084-CHI, cache-maa10221-MAA
last-modified
Mon, 18 Jan 2021 21:40:40 GMT
server
nginx
x-timer
S1698732804.592967,VS0,VE244
etag
"60060058-10f65"
content-type
image/jpeg
x-styx-req-id
aca9f0cb-63e0-11ee-a56f-5a8f6dfe4341
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 0
check_ip
biv.com/biv_access/ 		67 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://biv.com/biv_access/check_ip
Requested by
Host: biv.com
URL: https://biv.com/sites/default/files/js/js_K3PGwmvNJ8jmCtWJSouGlZo57Nj5cHBFq11XCRe_eWo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a900bbafdbf24d1ed04101ae70430450b4310b733802b784f507055781486268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Sun, 19 Nov 1978 05:00:00 GMT
date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-pantheon-styx-hostname
styx-fe2-b-5ddfb4c7bf-rptsg
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
85
x-ua-compatible
IE=edge
x-served-by
cache-chi-kigq8000060-CHI, cache-maa10221-MAA
server
nginx
x-timer
S1698732804.593538,VS0,VE310
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,
content-language
en
content-type
application/json
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
x-styx-req-id
98d6742f-77b4-11ee-a67f-c6b1778acb41
accept-ranges
bytes
x-cache-hits
0, 0
api.js
w.soundcloud.com/player/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.soundcloud.com/player/api.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MZHN5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-123.fra56.r.cloudfront.net
Software
am/2 /
Resource Hash
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:12:26 GMT
via
sssr, 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P5
age
57
x-cache
Hit from cloudfront
p3p
policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
last-modified
Fri, 20 Oct 2023 10:43:57 GMT
server
am/2
etag
W/"15a4-18b4caf45c8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
x-amz-cf-id
Zcsa0k0Ld_9lHynNWQBlo9NA-c_KjquSO9fXjvEcmBEnHxy39ruT7w==
collect
www.google-analytics.com/j/ 		4 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2062450249&t=pageview&_s=1&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&ul=en-us&de=UTF-8&dt=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAQCACAAI~&jid=1679681255&gjid=1026986311&cid=951541586.1698732804&tid=UA-5729930-2&_gid=1723497024.1698732804&_r=1&_slc=1&gtm=45He3ap0n815MZHN5X&cg1=Resources%20%26%20Agriculture&cg2=Article%20-%20Resources%20%26%20Agriculture&cg3=Article&cd3=Signed%20Out&cd4=0&gcd=11l1l1l1l1&z=434279486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2062450249&t=pageview&_s=1&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&ul=en-us&de=UTF-8&dt=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAQCACAAI~&jid=460283885&gjid=821080993&cid=951541586.1698732804&tid=UA-35358600-39&_gid=1723497024.1698732804&_r=1&_slc=1&gtm=45He3ap0n815MZHN5X&gcd=11l1l1l1l1&z=271187026
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
71b2a21fd2a1f7bd09569eac4f00ebbf3b5c27a17d36763670ca22feadd53854
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
services
sr.studiostack.com/v3/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=20074
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce3f7b0bf2fd397249802815468553a2be4f18f0ebcceba59ee624fa6d679582

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Tue, 31 Oct 2023 06:13:23 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
26237
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
saq_pxl
tags.srv.stackadapt.com/ 		116 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=ZP9avK-bhZxlYLtmu5r12A&is_js=true&landing_url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&t=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&tip=PYAs7y1syUzb_-1eSjB086g9uk2Pqmh_1362Vz5yHvM&host=https%3A%2F%2Fbiv.com&sa_conv_data_css_value=%270-4e11f466-dc9a-503d-6999-403c73b9f118%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94e11f466dc9a503d6999403c73b9f11850ff0ac8&sa-user-id-v3=s%253AAQAKIB5l54eUYrGYsJRW4AE78HULlJ0d3daJdwbnWkW5SdiZEHwYBCCDtoKqBjABOgSSgrqOQgRMWjZk.yZhRFmzAEVfC4k7YKwPw5dghJbG2Y11cYX9S0HqOjcI&sa-user-id-v2=s%253AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY&sa-user-id=s%253A0-4e11f466-dc9a-503d-6999-403c73b9f118.nonJxxzM2aWZHfZDCqAJjYl8PmigGAisHVshIf6GRyc
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.192.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0ed7c8e62284263f69eb5a559dffdf11cf1be68465d3df1ed5be13a658165990

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://biv.com
date
Tue, 31 Oct 2023 06:13:23 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		1 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5729930-2&cid=951541586.1698732804&jid=1679681255&gjid=1026986311&_gid=1723497024.1698732804&_u=YGBACEAABAQCACAAI~&z=382508192
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35358600-39&cid=951541586.1698732804&jid=460283885&gjid=821080993&_gid=1723497024.1698732804&_u=YGDACEABBAQCACAAI~&z=1526474210
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F6YGN0M67Q&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3cd905e2f0b0883410d0a7796099be7fa14456a7d14ec102c29f2bc3c52abaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 06:13:23 GMT
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-F6YGN0M67Q&gtm=45je3ap0v9125840167&_p=2062450249&_gaz=1&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=951541586.1698732804&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&dt=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&sid=1698732803&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6YGN0M67Q&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F6YGN0M67Q&cid=951541586.1698732804&gtm=45je3ap0v9125840167&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6YGN0M67Q&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6YGN0M67Q&cid=951541586.1698732804&gtm=45je3ap0v9125840167&aip=1&z=320559596
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35358600-39&cid=951541586.1698732804&jid=460283885&_u=YGDACEABBAQCACAAI~&z=665858459
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35358600-39&cid=951541586.1698732804&jid=460283885&_u=YGDACEABBAQCACAAI~&z=665858459
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://biv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 06:13:23 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Tue, 31 Oct 2023 06:13:23 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-data
sr.studiostack.com/track/ 		119 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=20074&ref=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4cb54b3ee32f23a1753b976144fab6d68c8773cdcff20866899799177bd6548

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Tue, 31 Oct 2023 06:13:24 GMT
ETag
W/"77-ZhW6AfmJS1PhXFCkhsCrGCxwcWo"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
119
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
k4ydk9r4.json
l.getsitecontrol.com/ 		26 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/k4ydk9r4.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/k4ydk9r4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::999:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-999 /
Resource Hash
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
br
cdn-edgestorageid
997
x-amz-request-id
XPE5JMQSPFGQX7PF
x-amz-server-side-encryption
AES256
cdn-cachedat
07/27/2023 21:49:23
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
UB6p/iGXplf+wAG39RYPeBrLTnkXakSm9KEuVeThmwrR/NapIbJcC3VYnYbIcHpyL5EpHJEsVPK0tho4S0VxkiP12uUcnTfouHLdenKgfH8=
last-modified
Thu, 27 Jul 2023 21:43:20 GMT
server
BunnyCDN-LA1-999
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6e9a34083e4bb4d0c07e854e09a9f76d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
7d951a0561d6d0858dc3a6e0c553e01f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2062450249&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&ul=en-us&de=UTF-8&dt=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page&ea=scroll&el=25%25&_u=aGDACEABBAQCACAAI~&jid=&gjid=&cid=951541586.1698732804&tid=UA-5729930-2&_gid=1723497024.1698732804&gtm=45He3ap0n815MZHN5X&gcd=11l1l1l1l1&z=596538932
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 07:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81003
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2062450249&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&ul=en-us&de=UTF-8&dt=Ivanhoe%20responds%20to%20allegations%20of%20corruption%20in%20DRC%20-%20Resources%20%26%20Agriculture%20%7C%20Business%20in%20Vancouver&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page&ea=scroll&el=50%25&_u=aGDACEABBAQCACAAI~&jid=&gjid=&cid=951541586.1698732804&tid=UA-5729930-2&_gid=1723497024.1698732804&gtm=45He3ap0n815MZHN5X&gcd=11l1l1l1l1&z=1936783949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 07:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81003
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 10:00:03 GMT
x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
72802
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
8lWKw6Hu7kBMGicG9sQSFhZ9bCeizRHFIuOQkX9EE-6fCEJVSLje2g==
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
AZKHMN3J5641D79A
age
2509
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81e9c07c6c8b18cb-FRA
x-amz-id-2
YY4ezUb+Muw1VQU1aI5EgLP88wpJNBo+MUdVwQr7NiV/iORInFjKJJUHg1PFn8mGwE0HwKVkR34=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:49:30 GMT
content-encoding
gzip
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1435
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
AtAN9sjfWsbgZFBbQuAh_1mZbDJJprmM1JCtrOFbfr3gUTIBCyZpUg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
11bbca71a26890f59632855e06d56fdc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42686
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90LtiogNUlK6LadfDynKYQx5OhxlMHot0MUgVyMLtzmx4A9INoXJG%2Bap6XGsqLMIg%2FTs4ITtHnUVlaT4jpr9EBXDdPG7k13x9RxFMlO6OfbO1WfnUbCBP0diVA9ascL3tPS0Iha9ucmEKA2V2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81e9c07c5fda9b3f-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:17:52 GMT
content-encoding
gzip
age
561332
x-guploader-uploadid
ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 23 Oct 2024 18:17:52 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
29639
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81e9c07c6e6091fc-FRA
expires
Fri, 03 Nov 2023 06:13:24 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Nov 2023 06:13:24 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		192 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1502456488087103&correlator=2864938390795969&eid=31079298%2C31079180%2C21065724&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&iu_parts=4326737%2CSAX_sax-publisher_sax-site_sax-sec_sax-subsection_1to4_S1_RON_BIV-network%2CSAX_sax-publisher_sax-site_sax-sec_sax-subsection_1to1_S1_RON_BIV-network%2CSAX_sax-publisher_sax-site_sax-sec_sax-subsection_6to1_S1_RON_BIV-network%2CSAX_sax-publisher_sax-site_sax-sec_sax-subsection_6to1_S2_RON_BIV-network%2CSAX_sax-publisher_sax-site_sax-sec_sax-subsection_1x1_RON_BIV-network&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=240x960%7C160x640%2C300x300%7C300x250%2C1170x150%7C728x90%2C1170x150%7C728x90%2C1x1%2C1x2&ifi=1&didk=1218297180~3068546127~64825111~64825110~790231272~2354443763&sfv=1-0-40&ists=2&sc=1&cookie_enabled=1&abxe=1&dt=1698732804508&lmt=1698728470&adxs=1115%2C525%2C200%2C200%2C800%2C800&adys=185%2C1212%2C85%2C1323%2C1988%2C1988&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&vis=1&psz=285x0%7C550x-1%7C1200x0%7C1200x0%7C1600x1988%7C1600x1988&msz=285x0%7C550x-1%7C1200x0%7C1200x0%7C1600x0%7C1600x0&fws=4%2C4%2C4%2C4%2C0%2C0&ohw=285%2C550%2C1200%2C1200%2C0%2C0&ga_vid=951541586.1698732804&ga_sid=1698732805&ga_hid=2062450249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmZP2orgxSABSAghkEhkKCnB1YmNpZC5vcmcYmZP2orgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJmT9qK4MUgAUgIIZBIZCgp1aWRhcGkuY29tGJmT9qK4MUgAUgIIZBIUCgVvcGVueBiZk_aiuDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJmT9qK4MUgAUgIIZA..&dlt=1698732802764&idt=603&cust_params=site%3DBIV%26section%3Dresources-agriculture%26keywords%3D46604&adks=586390771%2C1436647080%2C1931892802%2C126006519%2C3606003534%2C4145020997&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eed4917c82d820cd44152e1c4ee84c9d7a3217b729e7f758e48dcbb22a7a395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25730
x-xss-protection
0
google-lineitem-id
6298150499,6406706296,6396339825,6298150499,-2,4689971751
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138433500355,138452027547,138451580941,138433500373,-2,138235403634
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
799207b8984fae58620fa7269a3cc9e5de76a1a75607f885fdea578584898aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12124
x-xss-protection
0
container.html
643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 06:13:24 GMT
expires
Wed, 30 Oct 2024 06:13:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		60 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
06f8f014f0eda2eb9892080edf626d0f4791f663339636265de72a02a8e8894a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://biv.com
cache-control
no-cache
x-server
10.45.4.115
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
7babf487f2bb478a8e32cc48676d96a89b26204978a7c9e673693d38e26d6d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-eAqJX5IgknZrIeq4d9PUNbhAOH4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://biv.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 31 Oct 2023 06:13:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://biv.com
location
/esp?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 1F41 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=biv.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 06:13:23 GMT
server
Kestrel
server-processing-duration-in-ticks
288730
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 06:13:24 GMT
increment
id5-sync.com/api/esp/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://biv.com
date
Tue, 31 Oct 2023 06:13:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame 1F41
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=biv.com&sn=ChromeSyncframe&so=0&topUrl=biv.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=MgdPu3x5bmRkb3VRZGhKdngrTm4xSzdRYnd6NmE1ZVFHaWpadGorSjJ4Rjc5T01lMVBvbTdKZWpSSXRacGR0QnFScklpcmZDbTdWQXlKeVFDZ1dRS3BIVCtoY08zUXdjbllrQmtKSDZ3TXR1SVNaamFWbDljbWJXUXFrbj...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=MgdPu3x5bmRkb3VRZGhKdngrTm4xSzdRYnd6NmE1ZVFHaWpadGorSjJ4Rjc5T01lMVBvbTdKZWpSSXRacGR0QnFScklpcmZDbTdWQXlKeVFDZ1dRS3BIVCtoY08zUXdjbllrQmtKSDZ3TXR1SVNaamFWbDljbWJXUXFrbjJHbmx3OUQ5UUpWWlhoeTlRdHcyWHFkbzJmS3VVdnRNSXBKMmRDck9wZDBjdEhYdWllRzJzVkUycXMwaU53d3pwbGxvTjQvRzJQNHNpcmVETFdkRC9jNWQ1WTZpZkNYMzZMeTdtVjd5ZTZXckRKVjhBRWF3U0hIMjQwM2pnL21vRmtSdmZYTG1ZRU54TmhRT0RSajhtMFpsN09GcTRpdz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b5611fb536b06b52803a09242886d58b9a453e8a64ee96a34240191b2e089e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1024017
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=MgdPu3x5bmRkb3VRZGhKdngrTm4xSzdRYnd6NmE1ZVFHaWpadGorSjJ4Rjc5T01lMVBvbTdKZWpSSXRacGR0QnFScklpcmZDbTdWQXlKeVFDZ1dRS3BIVCtoY08zUXdjbllrQmtKSDZ3TXR1SVNaamFWbDljbWJXUXFrbjJHbmx3OUQ5UUpWWlhoeTlRdHcyWHFkbzJmS3VVdnRNSXBKMmRDck9wZDBjdEhYdWllRzJzVkUycXMwaU53d3pwbGxvTjQvRzJQNHNpcmVETFdkRC9jNWQ1WTZpZkNYMzZMeTdtVjd5ZTZXckRKVjhBRWF3U0hIMjQwM2pnL21vRmtSdmZYTG1ZRU54TmhRT0RSajhtMFpsN09GcTRpdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
242393
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FA3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
46955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 17:10:49 GMT
expires
Tue, 29 Oct 2024 17:10:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D70B 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04e4729204c0627e881f8f11b82a706077d63bfce5aff13dd22606e0db153482
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GJMca9O5d3KJJlQuEEm7Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GJMca9O5d3KJJlQuEEm7Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 06:13:24 GMT
expires
Tue, 31 Oct 2023 06:13:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 1FA3 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 17:10:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
46953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 17:10:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D70B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=1502456488087103&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1FA3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AZsajA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 738F 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 31 Oct 2023 06:13:24 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame B6F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9ClLkWaYwHGEAhGIJtMBOqNVaW5sJbgJuD0iQJlHHP6T5emEOCWHklH2v7xkTxkPqKHr3FgemdmO6Ws6ip_y5lC91GsOqSyYlRSqMMQ5rytp6AeDYRC7162MM1YMK9IToKzcAHusPokAqHydpd7EFBcL12H0pzAMcaZGmzna0Eoo55t6TyRslecqeC5xuY9P9xxrmP0_Ar5T9p_fNZXG79ctuKzpvDR6mF0TesgzbiR27U2-DU2ENolVNHTpRVS9NeltkIw1TgUkqnLiePrV6nnx350Q5QyH_1WvQ92ynswy5jgjhCnHvtPmoYNu0ohJriBrT0J99cKrN1dymcPBn9rLKe8OW8wDrD6GOzU-D9HFQEW7bHNW_KYeEElURUmiEBdetF14GkeAK9wOe&sai=AMfl-YS4ES1omBQ0qxpcmhyKKHYVM7KJasrjaIj7UkhS807tm6_wc_n42xfUxYtUBcXRjlgr5QM9o6y1_JjbYZ9sQyHRiKkh0a4oxJQ-Uku7opkTW7RTtTmOLyQzqXQkSwpy9Lr8WvVfNzZ4Eu3CKY8r&sig=Cg0ArKJSzA5CjjK5K2AcEAE&uach_m=[UACH]&adurl=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame B6F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6F8 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:24 GMT
1072082568621591736
tpc.googlesyndication.com/simgad/ Frame B6F8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1072082568621591736
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3269f0b174d0c675f8b46f8d5ca2286c7a16d148e8f1e8628d7bcaabe92d3097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21288
x-xss-protection
0
last-modified
Sat, 13 May 2023 00:02:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 06:13:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst47YfaA4J1ZrqcLU5lfr4i3kwIlvM5l7Up42bbZJ3zSZvc27vVsev90_c1NjLQZPSlwL1Ul8iyqJREhZgliLzI3trGlQ3jdBi4pmOiO6YJN6azGt1O2jxGDvHtEccAqFEjkwSfNpCDbDBOGntFRY_I6_mlSrq3Zl52ZZ3OM_x1vE61tTBuGL67v21M-2fOSlTcf8Rg0OUg86qgnkxfx00ga5Ej3m0C4iCPOsgAbVGo11-TIwc8Dd50Piho7h7WiHdRe2rxq_2e0F7B5eJFhjxKfIwP0fckhvrauHWwLFprBcF99HiSUNVoz17KshP32JnGdFm1DelVbRYlSU1JoJ660TT1-4UcGYzrSR5rFCc6UyFwUZotk3uIEFUrzCqkO92RrezFpKIYzzQ&sai=AMfl-YRTqzDysb02VaNdWABlCfLePitRFzI9mMn1Ems16vd2RPMgF-1DacbgKixr7kYRVLv6GjQVQAM27ouWT_PYhyqCgK_PqPAcBSPYAzAC_M-fjeNheHLjIKyqVJ_695Uc3XFeOb5a8pbiykSIFxms&sig=Cg0ArKJSzKLsh46BtXx0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
launcher-1.0.0.js
tj6w5.flx10.com/libs/ Frame F533 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 06:13:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 14:16:24 GMT
Server
nginx
ETag
W/"653a74b8-42ae"
X-HW
1698732805.cds128.fr8.hn,1698732805.cds122.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5584
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F533 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4C21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOrR8Aw_8ne3l3ghK03TW8msQZxye6_U7L3nhladBmM2Jxkz3i7ebZCr-hqe7YuHMqi2TzlgHBv0JXinFtmabT2DI8R7PJWh35IHBoBftsvb-PgCqMyiIgRrdso4v5V1yUXyzSbb6IFvFXuBBINErWHueQ4SDJFTbrvijnARRS09YvW_pzAuno0izz7QCRbD4oy_ANOvVYxX5BeeYy9b1lneX3Xu7RChYBBUIP4tyJwKpA1fq-STkU7Z3eBmHrwM9oQu1u_iaR64rSzYbvYyfZo5L1_xfJJNM28mgSuuu15vZf10fROgo5UuVUR0L6wrCLMxKENBEkPxArMoGEjLT4NrEAVXMPictjYjkQEExjkaA9LIW9JV86UMzZf64RtWSzH5GmuLZTbj_f0zict57u1oD2CHPU-k8TT_kuusxJSio_Qw&sai=AMfl-YT6SWMNgDczAqC3aKq85oRcaQsJ_KgJY8l3wvOJvo8O3jKmK6R2krLEaaxdKwq4EUXfQMbC8-_8smILk-ulcnGQWu2-Fp2hrscy-vDY7nb1fRyWf-q4teerOcIyxRJr-DnZSHJEgiAxWwhoDm2t&sig=Cg0ArKJSzA22sXm1eMmuEAE&uach_m=[UACH]&adurl=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4C21 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C21 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:25 GMT
12173691692961663658
tpc.googlesyndication.com/simgad/ Frame 4C21 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12173691692961663658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a3e2faf6eefa30cc675c72bc852a2d38bf364e1c682d04443bd9b7f2be06a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265697
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 14:59:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 06:13:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5042 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAMf655wy60xODKdujI4Gl7rJJikiH2h5223J9jBC7Oqhnc_dQwT_s0MximMc41-4OGQDSlszavJrLiUQ4QuO-VGimQVej0pAeZepnE89R7mbpKhby6x9RVmg_oF3IqOZI85l4PxhGzptNA4Uhw3hVuWpC_FVhgq331lqkp0_dI_s7S6mod4pqgGRcJGQBdFm9WNiMX2COItBua-y4bqw3bKbCl66u0hUlWWVg8r6Mag2XuWWPwiZJMrhUo6jbiumIqhcliZD_xlUq-iysgz6SsUxxREjJqLg0Y4YKO2EkHzENWf0ZyPxg86KYPK-czb7hDi-mz8dZ6gApmG8XZbKvtnoM7b6NtENnDhmYdYGlFai60Pyr8RDmkjentApVeKcv5XOkELs197ryOjkQlFCGyMxQG_ypWh7C7o_leiIcqnrKdw&sai=AMfl-YQ2SUGIsn34QBlyBcjzshLCQgVFN4uaH8jYXwV7Bu0-HI4lyBMBqvVXqJV2lgVO8nK9WrVwWpck4fwKVsB5bSgV_9DVZjoQ2xWKhmiEmHZcEk_vtBwJVMep7z4opct1fWameHSY41cTwjOsUCMw&sig=Cg0ArKJSzBGyZWir6tKPEAE&uach_m=[UACH]&adurl=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 5042 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
39291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5042 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:25 GMT
6437084768113009355
tpc.googlesyndication.com/simgad/ Frame 5042 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6437084768113009355
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd3c6f058f50ccc3ab108c7288bbd38f6cdf062549d5fee2b32960ca4a8c917f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31303
x-xss-protection
0
last-modified
Sat, 13 May 2023 00:02:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Oct 2024 06:13:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswnAal1bdSOhhckutudbJrZ9yuvaJ-X6K_6_KK2neDVxMI-rE0la4DuBloYJ7cb2kPncmVkkKNJ1oCUnmqLz52ywknB_EbGw6TWIABTu0yedtBzf1yv8VEG_PEyxJMPKbEVNllnf6x0RpPpunwSPdjNbSxWlxazsqW-2SsgKS8eic4in_HdY3fZW39NnUr-GTsxp47IG-OULFoppVZzT-DiPOrmgDTGSNA43cbOnkcUK-fu6L7G92fOaIJ6A5k_GTu1R6YNP5WbC4fYaDuQ6aGSR6NEKzNQ5F1YLJgeUEPZAFv7ONKX4t7EEbtnm9DLZnkVfQntmAYWdqW9npnktNpy_vUX7NYlNnfwXxqlNsIbU99Xj9UD-W0XG08lhFAqhFgaX_voQ&sai=AMfl-YT6pdkHvKpX2VDXYIhWkUlG-BiKWJ2OjGxGGSsw9CS5SwcKlCtRNk-I7SpRHMK9YM1yK17ixRrwVDRYQwe-_r3Bjgb-ZLMrc_V8PeMNEGQKmzsibTxJJTi96XY9ClN0ImFAfm9REr6eWEMm2WSh&sig=Cg0ArKJSzGRDVilpUtX6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: biv.com
URL: https://biv.com/article/2022/12/ivanhoe-responds-allegations-corruption-drc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
adplus.js
cdn.ad.plus/player/ Frame 56E2 		346 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad.plus/player/adplus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.31 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1c2-10-d2774-31.webazilla.com
Software
nginx /
Resource Hash
7c9e71cd7d6f70a7d7c0d0b25d3327a02d1245567b39963090bb40f25f8796ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 09:33:38 GMT
server
nginx
etag
W/"6527bd72-5670f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56E2 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 06:13:25 GMT
truncated
/ Frame B6F8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c9686d01f7bd6a704170509bcf4ae7620f7101c8d4daeba4efbc59d3645c73a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4C21 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c830c704d5f23fe054b5f5e91363ae2a4c5b2287d8363fe0dac52ac79588c3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5042 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc578513e2464763c0daa60422fe99174dca4bf47c0fa9321c1a7a728af68ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 56E2 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc6f2880a6de2d5f9e0a2c7b78b66a21bc8c1a269b91b6d9cae7e5c30580a336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5042 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq2iYWpAqWp92ss3bt2RIDkn65Oz7qH_C7Ppk1UHAfgwCa_Yaxw4iz0pW3qD0nA0ZrLRQArax1taKLcsW7TGk4M1fEu3A24I0coQpi5pUpSiSNNx7VQ2AbmGOWt6pKE6-Yyo249db0TenrkSbh4eqGOe6Mxt5oXGTDSFhzfiT983FmdgXtQV4pgrrVvAmcscv98uqnnhMgl86gj60Cl_8pPxzeT6h22pX95w2vVagg6TVIztzLljaNYp1WFSN_0oPjPFlD9ZQ4mxJlMp6rEEw_Hz11fd2wQeOSU0UfLjyGPwUz5AmrWij_qxg8BOfDviE6dlM-A3-IhmqTaGICbufzzY1WCFjEOsm66-XxAROKLHx22N_vbg8Ys1XuQGTEWG7RjLiB4va0i3ZOWLy-6hOKDtf5blDfrBTZ9rTvoxRQwOGITogq&sai=AMfl-YS_9EopqodzjjzoJXHGbup0z3c6ex_uIvudh9_a8n6cgbC6D4jfvkW1Vhvygg06nauh4DQ8QtaM__QAm7EPVE0L9Dksok1_-lQLUl1iQ8eQunm3aWVFkOQ4fEMy-p6CyNyQfY0xeJQ4FEngK-sT&sig=Cg0ArKJSzPlE8QHSHRb4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B6F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4votdpcCHuAwFToxqkqv9xC8m_xxbqqTHnF5Y7w1Wabvdndkd5AJxKAHkNZYEsnlVu1M1vvWXG3IQm2Ke4Y6ykaaJrwIUJVehMOjHN85RtRQvebenFLd1aLthHhtHiz-1qxZuaiy0eCbTOLubAn7zLHZVjNj48_yxxUuW2rG-hvEXP_EjWGrNjrNbjo3OgtcI8x1Zzt3XNHQ40X3K0Ksgn7PG8hlxyBuTJPIeulXxYJuyP7_RousKQwHt2hy_kEDPGUYoDk65mZqXK2QRhGUiBrt3wLULXYAPWiDMNc0_PhzCnb7r0d_zGtwOZ70Vzms7cVxxnbpGKeH4CCULxteEfPWEhsT4sLeYG97ZqVgQN26TbzEIVwwqKLAQil5VSO83ZHv9_1Df5IvJdvbHua8&sai=AMfl-YR4rLxUuZ8MWATJhjNpbE2yxqmRuO6_Aaht9KPCrC4WzSmlit6NbhMnzBsyCr3fcabhFr5e4S6YKEd5C31e9nERtLKVAfl4Fpd2ZbFrriG3xJspcifkQ1ydCi9Of2Aghq-TGRudVNajQcVcOuHy&sig=Cg0ArKJSzLg8soGhxP28EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
truncated
/ Frame F533 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1ab288523d4d1b074658538cdf720f6324827194c51f2b91ef1358468e641c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
tj6w5.flx10.com/v2/ewxbvib8Fpi/ Frame 48B7 		68 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
aa176d5d956aef8f7f286b765c96ae219e0889cc2ae424fec2c4a942e2a6163f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
18993
Content-Type
text/html
Date
Tue, 31 Oct 2023 06:13:25 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-HW
1698732805.cds128.fr8.hn,1698732805.cds256.fr8.c
view
securepubads.g.doubleclick.net/pcs/ Frame F533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfY3zm1XHZAmQD9YsdhDX4ONdBZhQcjCx2U5y2LteDW4c0Mvhebug0CA8OYPzfxdOZhi0wq16oRACcPZy9i9PFMl2rH7Lzz1JBWOOgEWpOFaqmer5CKHHTtK5pdl8oS8FcZKpu1GEm-AgLGvYWnfRgAE50LQxNRqm_jSKIdi1RcsGh_ZHXKWjA04SnL7Sax_b99wMHoUxd5vn50G-F-C8irBSe_BK_f-AN28iYjHiJ8aQICFY7vXVLThwrb3vLlKEP2ehLKBZ-8fDeTS3Vv_dDkHQXm_mVBDCoDVc1DyQlPZcn0VVDlYSIFhtklOpL-ehRZsRkQeCwpfwdqfLKjh079SxW8IHCLcUYNnuGdPkpTc-ejgvm0_5NnifLasIsPvakyHRao2eR-o0ZvA&sai=AMfl-YSNtZd368IXRymBT8CZPipJnYJWuGFba2VpA8R36Vw7NejFOWSdEQQzoFBxyABIwA_4canCC1Rj3eC8jMyZk3d-DB0xf7e1rwviLJBSs6x76aOwhGDbGM2ACbt8M-hAScL6VCIJDs36PrmKXbqW&sig=Cg0ArKJSzKqoAkKEpqmgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
css
fonts.googleapis.com/ Frame 48B7 		221 B
335 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT%20Serif:700&text=Sponsred%20Ct
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d80d2e60d2648206522f221fbf7f369583edf5e87ae3582edd6ee34fce675d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 06:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 06:13:25 GMT
css
fonts.googleapis.com/ Frame 48B7 		231 B
300 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Forum:regular&text=From%20Chiletand%2CJVg%E2%80%99sycupv
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73b051041b42ab2f88f29ed3de66ca45c82f2201b17010ca2bb255be24c9081a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 06:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 06:13:25 GMT
OeEeJwXZuILJXXW5osWCKGU5GaNe8XN7.svg.js
k3vzn.flx10.com/ Frame 48B7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k3vzn.flx10.com/OeEeJwXZuILJXXW5osWCKGU5GaNe8XN7.svg.js
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
a1a81247ebdf0caf0770e03bab0a93537bcd743b092c3236b55d53b0067545ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 06:13:25 GMT
Content-Encoding
gzip
Server
nginx
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1698732805.cds344.fr8.hn,1698732805.cds277.fr8.c
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
Content-Length
1077
font
fonts.gstatic.com/l/ Frame 48B7 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=EJRSQgYoZZY2vCFuvAnt65qQRSXf5pgkleP13l7Oag&skey=f3f4fc2f289c7d5b&v=v18
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Serif:700&text=Sponsred%20Ct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df50731bf02e32aa53a4b423e21206ccd94858e884e2ebca1e63f426f0763930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tj6w5.flx10.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 10:39:50 GMT
x-content-type-options
nosniff
age
70415
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4308
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 30 Oct 2023 10:39:50 GMT
font
fonts.gstatic.com/l/ Frame 48B7 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=6aey4Ky-Vb8Ew_ITKIwy8zKUd2RJwyuJ-N8K36afcNBcwJzlhA7jTsk&skey=85e1828a547f7984&v=v18
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Forum:regular&text=From%20Chiletand%2CJVg%E2%80%99sycupv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1ba4e00442936b986a864e8214f99001c9c935365066ac6e7f87a28469c4a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tj6w5.flx10.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:43:01 GMT
x-content-type-options
nosniff
age
27024
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5504
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 17:51:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 31 Oct 2023 22:43:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4C21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhkfhiedfh7nhyToNrtdSObtyC-Nkc7ZHOMO_OC3rxGf20PgS40y4HsMgYTwcQVsiJF66fNxMVF6fk7VIu11cAPjvUoW-7kZYGJUxCDFl2pBku8OLKRl2Yv9gbaBBrlQSYyH5-V2PX6fnHY0aN8XxOgiwtjgik13IVdMOPGPWiaLHQJMkw9dqVwACvxtoRr4vmCQ7v5yCXFOr8jU4mOXKTfVx9bQw7brJ8eC7C0CcdkTJzTdRR7daVoGhfIUUDzMr8P7YPqHm5-PFX3QEo4Qr5mcIYTck6pEUT_x9JESWAIY-uKaVfX39pByBSlmeQeYp6ejy8paCYq7-5c0rDizPIiO4gYA8sblbWNCkihGsWKWwTAgTmWR4ux3T66giBT9u-7xuAN38sfqUePMdihfvss7hJUbp-6WurGuwK4cvmmqZNO9H0&sai=AMfl-YTZkDCSikjCJG1wj29In4M8i8_ih14DAycYZxl0R_8spoBSuwUa8wl5Vlsw_izlGmai9fAGBa412xDwwh2kxLcOBVKLehZJlrpd6qwI5Ki88a900lkBvGIB1ZtOG2ws3ZrXzbmZTRxuM7A87xb0&sig=Cg0ArKJSzMcAN-7UVr8dEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
truncated
/ Frame 48B7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b57f3eff9d069623b6f0f0fd2c3f60453a99aa078dade7f7d980da2a5a2ce542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
jflS8eV1kVQ9VQ7Dgpz3cLXPrwWnNe0x.jpg
k3vzn.flx10.com/ Frame 48B7 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k3vzn.flx10.com/jflS8eV1kVQ9VQ7Dgpz3cLXPrwWnNe0x.jpg?width=medium&height=medium
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
4201c7f627f9ecde1a72b8a87cf521454ef9faba294773ded2588eecba069162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 06:13:25 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1698732805.cds344.fr8.hn,1698732805.cds017.fr8.c
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
Content-Length
46180
jflS8eV1kVQ9VQ7Dgpz3cLXPrwWnNe0x.jpg
k3vzn.flx10.com/ Frame 48B7 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k3vzn.flx10.com/jflS8eV1kVQ9VQ7Dgpz3cLXPrwWnNe0x.jpg?width=medium&height=medium
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/ewxbvib8Fpi/?cacheBuster=1467374737&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstY7tidpUqjNZJnebCtoGX_oWOIbIffajLz23nILl4ZvhneM9SOsKC1CDXfoalEf0IeGXXKjET53dEIrEDrcz6dblk9-gXyRwQSavcOyrlLPRpY7UEzpfJPklB1VKqv1Lf6Fb_csI5L543vzEuwMzFWG6VuyzXlJUCWyaUAyYCb4j77Zkr2rGnkXJZ-q0Hf0XtcvTM9Db2fWV3G0JcohBwvICWx3qIfxCHANu-5fQLIF09fCp7K63mszssx_eW52l0n-t51aVRWX_I3gm1wtcPTtFA-y_sykaqdahvRySKRo07YUu1dROb5jjkFCiQJlZwZvtKNN8nOCV1YCUdTFRKfovQ1pXzspa81iUpdOpe12AbU-5YQEuR1xvJny6sBive-2L3ySNg%26sai%3DAMfl-YQ7KUHG_aCh8_d9lfDzqAJq7SwLxwFIiDReBRM0Xx9Hqyc2m65NIkx0PT2xXKSD6x5cXAY57w8laoYkZf2NgObSi0r8FihnqNU2rQtzDThTf-3iIDBWg3rwNBlELiAfaHvMgRKg_5EcyX90Y0yj%26sig%3DCg0ArKJSzDIeOMAcQexxEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
4201c7f627f9ecde1a72b8a87cf521454ef9faba294773ded2588eecba069162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 06:13:25 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1698732805.cds344.fr8.hn,1698732805.cds017.fr8.c
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
Content-Length
46180
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=1502456488087103&bg=!YWKlYi3NAAbo5yKYyOc7ADQBe5WfOMCFMyfaW0xnfeWH7ZHaQsj26C-uuhnmKhw5zL6W126qIGSuIOMlReEQ87f-Q_kBAgAAAEJSAAAAA2gBBwoAsOrHOZ0KRt-llmkYLteK5Grjov1xQlzYZ5XB3iC77NiRstp2H2O4lHJUZxcr681jYNRbPBaUR9ChYyTATAb4J9RHxdkiTxvHFtDskH74z2hrrBTqa-zbc-72culkhgOOoU7fMH8LRGz6i5n4lcaZsB8A3Ofkd_Aiuzl_E_p6WEbDWXxbXCX9hhxaWqwIfmFGqyKI694j7lJ43XZ3cRVVudw5Z-wdiEvco8kWi5U6QxRxmQKuulBxfVBd30RWygtwIxu7SqQ_gjvsxWD3t8nSJEkc-40lE9NTsGkibIQIJFyC6kPE6NCO1kIB9mFS-4TEbU5YhprXGmdoQbW55_6JYVC-4dvSpqyaO6Fu0ynF271-l_W8ZOlMQjAh68x2a1OhchT3bMgrEUxh0VFP5z-jPSbLU-5jz48ucUmlf_Kr1t_yWtsjKhj-Jx0z9DMfSgh4-sazge7mNa4ipdZnOSZgF8XTmiLlmCpZ3MVufakmWz5xuLQdqqfkoWV6OO_cfltwKUyFLvsfEC77r__lvlSyOyIjo5L-I5bOkcPEaYzRac_gXGfWySboJ3QthWSytmK8wvDcbugyAyUBTRPCUjpRtECiFHkTEloEVV7gGDpKX1Xksg84UNsxEDK1W-s_sl0A6owiz40Y1DpB06zme5qPTTb6zvFFuKEyXHoPd3rqwUFKGpt7vHjJgETJ1mJ9DO5zJFromQRUr0_S53dijrqd7yVelFtzXi086M81NRVH8og7EadHs7BxMRHR9sB75MiMzb5MlRNBhXdd-Vn6mDbQ1BIv7zVn95_LYvtzqCKuJFe3DdtVnYBaCvmO3Jy7ShekUZYUPYKslnfMXQUet73yucPgSMm87AisMx3srubzWotN-_zGI5LnDNHKr44R1C-BPQ6pbti_1zIpmsX0zop-tXV6eONHw0bKOp12dgv6xWz0YHQ-kVLUgo5D8DKR9GXlK5Y4Zg7BldGqcRO_eI_dMOiAA9KgIvY2EGGby3qbLAqCnIALW80GR0R52mlaUOIV5YF_ePhbGMV-K44YRtqf2xscLYmXrSlmNAnHtyKlBbp9fJ1jRQdpIyDFerwhhJUq44eJVPS7O91vOiwU4DA7KVNMMmyGvaVKsbSFOYMd9vrFbCgdoygn3rwnAu05VwiD3-I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
1
serving.stat-rock.com/v1/placements/HWhwZn6jALe8FSaABfQgtx_FYR1ocjo0fHGd3FTZsdWj0sYb8uBI/code/js/ Frame 56E2 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/v1/placements/HWhwZn6jALe8FSaABfQgtx_FYR1ocjo0fHGd3FTZsdWj0sYb8uBI/code/js/1?url=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&b=0.5856441805267196
Requested by
Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.58.217.95.clients.your-server.de
Software
nginx /
Resource Hash
27ec310064e4a013b2e248dbfc667f7b2490a88cd2c47e856e5837ab57add1b1

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
server
nginx
srvb
127.0.0.1:8082
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://biv.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
srvf
95.217.58.251
view
securepubads.g.doubleclick.net/pcs/ Frame 56E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZT-OrtItI1TGHLsMxetbkc-P-pq9vDOsu9FTBv59ZxjVRioiC_XQ14PLMCHlmyVCpkq5ppg5XKFpB7vKJr2nfgDLXlzX_5SFpBDofIfcI81mDyk3wg6SDRrWt85KzMsKAS4ht8LrICVYhZJ-TKSARXyr7tTQ6kX9mPnB3srtk5qOTFX13NQ7atPF8OemjzDG6_xqpPuvvPU_sFX_6pQ6SK_3qwHGz__G6fCqoMncPlgy8-mWqbHr_buNUZMh4K9i5sAWiNWxuD5YDpn0QOPKwKjaaSYRhN4ZiqK88378eNYfQvHntiKI8EXGso94aNkKV-wkLWfWBo0xmjM-HJuEKSpsMpprL-wW0t6uH1Zn3C3HBeiWphZPqr7CbyQ6SuJd97ca7kQtS&sai=AMfl-YTdnlVOmdJ4-S7jboUfse1_AFBTSWTcTGcokrhPQ3G3B3J1PGVRSqBiiTwO0_aw-Ogx5tZHxEz_YY_Qwh-B9KJW2k1CYU77LLmmSz_sRzPzPMayQpr0E-PSGH4nygCis-1D2K-o5frVcdcNR7Sd&sig=Cg0ArKJSzPMpRjyXU18AEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
video.png
ad.plus/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.plus/video.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386b9f941431d7d28d044f6203a5d50854f6c051b593988207b0ad145d5589f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Oct 2019 21:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
712
etag
"6c4-5941cabf561c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyaT0PxvWigjBLQPnJgQiqTsgyk9SI5k0ihj0w3mQfLnSjrwQSmItamrSGxozUK51uVvgWXf4auS5%2FWV9qQcLRqsEOHgFrXk7T3x4yyD4JHif1trGryRo1xxwR6mAcBgUASY%2FAKC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81e9c084ce943cb0-CDG
alt-svc
h3=":443"; ma=86400
content-length
1732
1
serving.stat-rock.com/v1/log/js/ Frame 56E2 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1698732805798.8196&type=INIT&placementId=HWhwZn6jALe8FSaABfQgtx_FYR1ocjo0fHGd3FTZsdWj0sYb8uBI&tagId=UlaANKPgNZbvObR2qRWMD49MuVJWg8fpOQTHhawGvFRge21PygEK&vtId=gXl1WpgOWS8zfDVgCRCnGZXh5H6GjpSxOHzlUfRv_ZKmnvPUSX9B&message=&u=https%3A%2F%2Fbiv.com%2Farticle%2F2022%2F12%2Fivanhoe-responds-allegations-corruption-drc&t=206&v=114.1&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=550&z=p%3Apl%3Bv%3AinPage%3B&r=0.6247536967638834
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.58.217.95.clients.your-server.de
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
Origin
https://biv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://biv.com
date
Tue, 31 Oct 2023 06:13:25 GMT
srvf
95.217.58.251
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 56E2 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127417
x-xss-protection
0
expires
Tue, 31 Oct 2023 06:13:25 GMT
t.mp4
serving.stat-rock.com/player/video/ Frame 56E2 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/video/t.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.58.217.95.clients.your-server.de
Software
nginx /
Resource Hash
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 31 Oct 2023 06:13:25 GMT
last-modified
Thu, 20 Sep 2018 14:11:16 GMT
server
nginx
etag
"5ba3aa84-afd"
content-type
video/mp4
Content-Range
bytes 0-2812/2813
cache-control
public, max-age=31536000
Content-Length
2813
activeview
pagead2.googlesyndication.com/pcs/ Frame B6F8 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTWOEGgUfTzoalhqv7N-cSk3dXLIBGyC59kaj2_wu2jlQFI_o41PQKQcminMeNOJgUDW-7JRBcsWLzD21V898x9lQSDbEz0PHFcQLuBmPBsjEfur-KcSK5jW-Wnp4AAHSTJPQky4Q3Pg&sig=Cg0ArKJSzIGT1VdbecA-EAE&id=lidar2&mcvt=1000&p=335,1177,975,1337&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=586390771&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698732804959&rpt=145&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4C21 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8-3gIhAceJx2lfUklWsY9FZhZdtINN-jnTZac5mz1D5NXU5WTYrrihMPKfMh0iX8yrwWj_597CRbzbEwEBqY6-XrD_oJbrTP4pmU96Bf6fJ-GAdFTv2u7VN-4IqupjoEghjpSXszP1w&sig=Cg0ArKJSzL3ly9fReGA-EAE&id=lidar2&mcvt=1000&p=85,215,235,1385&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1931892802&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698732804982&rpt=217&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 06:13:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Expires
0
Pragma
no-cache
Date
Tue, 31 Oct 2023 06:13:28 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://biv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Allow
POST
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 06:13:28 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
0
Pragma
no-cache
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| bivAccess function| bivAccessGetCookie function| bivAccessSetCookie function| loadFullData function| sendAnalytics function| domready undefined| $ function| jQuery object| drupalSettings object| Drupal function| Blazy object| dataLayer function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| saq function| _saq object| process boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings string| NativeAIObject function| nativeAI object| _comscore object| googletag object| ggeac object| google_js_reporting_queue object| gaplugins undefined| google_measure_js_timing object| COMSCORE object| ns_p function| _toConsumableArray function| DateFormatter function| datetimepickerFactory string| disqus_shortname string| disqus_url string| disqus_title string| disqus_identifier number| disqus_disable_mobile string| disqus_def_name string| disqus_def_email function| disqus_config object| picturefillCFG function| picturefill object| dBlazy function| countWords function| Shariff string| tmp function| onYouTubeIframeAPIReady object| gaGlobal object| gaData function| pbq object| res object| saCookies string| current_window_url_param object| DISQUSWIDGETS undefined| disqus_domain object| SC object| pbProcessor function| gsc number| google_unique_id object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| GoogleGcLKhOms object| __uid2SecureSignalProvider object| __uid2 object| google_image_requests number| google_global_correlator

28 Cookies

Domain/Path Name / Value
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4e11f466-dc9a-503d-6999-403c73b9f118.nonJxxzM2aWZHfZDCqAJjYl8PmigGAisHVshIf6GRyc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4e11f466-dc9a-503d-6999-403c73b9f118.nonJxxzM2aWZHfZDCqAJjYl8PmigGAisHVshIf6GRyc
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIB5l54eUYrGYsJRW4AE78HULlJ0d3daJdwbnWkW5SdiZEHwYBCCDtoKqBjABOgSSgrqOQgRMWjZk.yZhRFmzAEVfC4k7YKwPw5dghJbG2Y11cYX9S0HqOjcI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIB5l54eUYrGYsJRW4AE78HULlJ0d3daJdwbnWkW5SdiZEHwYBCCDtoKqBjABOgSSgrqOQgRMWjZk.yZhRFmzAEVfC4k7YKwPw5dghJbG2Y11cYX9S0HqOjcI
biv.com/ Name: sa-user-id
Value: s%253A0-4e11f466-dc9a-503d-6999-403c73b9f118.nonJxxzM2aWZHfZDCqAJjYl8PmigGAisHVshIf6GRyc
biv.com/ Name: sa-user-id-v2
Value: s%253AThH0ZtyaUD1pmUA8c7nxGFD_Csg.Lbo2ajNzhtmrceoC6TXFYcV2QqYTqakD3tAvrbrCCFY
biv.com/ Name: sa-user-id-v3
Value: s%253AAQAKIB5l54eUYrGYsJRW4AE78HULlJ0d3daJdwbnWkW5SdiZEHwYBCCDtoKqBjABOgSSgrqOQgRMWjZk.yZhRFmzAEVfC4k7YKwPw5dghJbG2Y11cYX9S0HqOjcI
.biv.com/ Name: _fbp
Value: fb.1.1698732803395.702735178
.linkedin.com/ Name: bcookie
Value: "v=2&e7791f60-9d3c-4491-8686-99b4ad0d4d47"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTg3MzI4MDM7MjswMjGIda5NO8cDFapfXGKFCwUIOnbJBfujMlCuKizj12bEaw==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3106:u=1:x=1:i=1698732803:t=1698819203:v=2:sig=AQEe4oO3Ls2ayNNpl6CaNp6mYCbXxA2z"
.biv.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.biv.com/ Name: _ga
Value: GA1.2.951541586.1698732804
.biv.com/ Name: _gid
Value: GA1.2.1723497024.1698732804
.biv.com/ Name: _gat_UA-5729930-2
Value: 1
.biv.com/ Name: _gat_UA-35358600-39
Value: 1
.biv.com/ Name: _ga_F6YGN0M67Q
Value: GS1.2.1698732803.1.0.1698732803.60.0.0
.biv.com/ Name: __psid
Value: 1698732803679
biv.com/ Name: bivAccess
Value: false
biv.com/ Name: bivAccessSponsor
Value:
.criteo.com/ Name: uid
Value: 3b5b2dca-25df-4d38-9fe1-3897cdb4e7fa
.biv.com/ Name: cto_bundle
Value: cqSKU19CQTJaM0FheTJPQWFDakdaNzRiaGliYXhXUCUyQnF5S0RsOWszR1NmWDBqcnZQJTJCZFk4N2p2RHVxSTZRVU9hRGQwWGF3YXBpcDdzSyUyQnpaZWxkN0FEWGRDNmw1QkRteGh1UVh4eDVkWHhyWXl3bzRLcXg5V21aQUVTSlFxcTMlMkZ1R2NiMXpSZ3lvaWVPc3lKVWg0NkRQeElyZyUzRCUzRA
.openx.net/ Name: i
Value: cb34ec00-b442-44ea-b95c-9d802cbb81b1|1698732804
.biv.com/ Name: __gads
Value: ID=f4d16a3270076535:T=1698732804:RT=1698732804:S=ALNI_MYdfwJi8KM87SmkeiZpT83dJVPNXg
.biv.com/ Name: __gpi
Value: UID=00000caf5f046c62:T=1698732804:RT=1698732804:S=ALNI_MbP2MBIcvSD6pVvnMZ9bI_BJnEdCg
.doubleclick.net/ Name: IDE
Value: AHWqTUnwnlBZJP2LQoMik2wOptcn2kLdvpxxCB-L0fsKK0cA_-S2IwqU9F1ATXIUBCU

3 Console Messages

Source Level URL
Text
network error URL: https://www.googleapis.com/youtube/v3/videos?id=&key=AIzaSyB8V0FBEYtu_-zvN97RX5nOxbclKwD-BPA&part=contentDetails
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.native.ai/js/current/nativeai.js?1698278400000
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

643c8a8a6bb56185da3dc31c62083bc6.safeframe.googlesyndication.com
ad.plus
adserver.pressboard.ca
ampcid.google.com
ampcid.google.de
bcp.crwdcntrl.net
biv.com
biv.disqus.com
cdn-ima.33across.com
cdn.ad.plus
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.native.ai
cdn.prod.uidapi.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
k3vzn.flx10.com
l.getsitecontrol.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
serving.stat-rock.com
snap.licdn.com
sr.studiostack.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tags.srv.stackadapt.com
tj6w5.flx10.com
tpc.googlesyndication.com
w.soundcloud.com
www.bugherd.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
13.107.42.14
141.95.33.111
151.139.128.10
172.64.152.89
18.245.60.76
18.66.112.123
18.66.97.10
199.232.192.134
2001:4860:4802:32::36
2400:52e0:1a01::999:1
2600:9000:2250:a000:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:20::ac43:4761
2606:4700:4400::ac40:9bc4
2606:4700::6810:5714
2620:12a:8001::2
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
34.102.146.192
34.120.135.53
34.96.70.87
35.157.192.247
35.244.159.8
51.104.28.77
52.19.8.73
65.9.66.97
78.140.185.31
95.217.58.251
0309254a2d5955ce2037d5d8981beb0d1e28a06b50a28a1d192fea2b54a5909a
04e4729204c0627e881f8f11b82a706077d63bfce5aff13dd22606e0db153482
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
06f8f014f0eda2eb9892080edf626d0f4791f663339636265de72a02a8e8894a
07818b0854bb53af39ec11ca7338e0b047cc403bc96549e73f9617f6f8a2a527
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08111d73cf694f4b8b7339301e9bb8f18326ff8e5bead87bbd8d7a9ead6e74c6
0c9686d01f7bd6a704170509bcf4ae7620f7101c8d4daeba4efbc59d3645c73a
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0ed7c8e62284263f69eb5a559dffdf11cf1be68465d3df1ed5be13a658165990
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
1a9be378a51fcb7bb802582961aa770941118e013ac030acc22345c20533fd47
1ab8d12e30efc98afd0c5e87d866a8a69f6c1fd4deac43fa94c7dde7bf3e0bad
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
22158f5f86795d3ab0527e1791309efef988a86a57c16daf548fb1a81cc5ef2c
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
27ec310064e4a013b2e248dbfc667f7b2490a88cd2c47e856e5837ab57add1b1
2b73c6c26bcd27c8e60ad5894a8b86959a39ecd8f9707045ab5d570917bf796a
2eed4917c82d820cd44152e1c4ee84c9d7a3217b729e7f758e48dcbb22a7a395
2ff0c75ed984f7214d12d0fe9512fd05809317909f0eb3394c15f0ed385c8a24
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3269f0b174d0c675f8b46f8d5ca2286c7a16d148e8f1e8628d7bcaabe92d3097
33eef166f8e6c053dcceb061fbb3070df9a3efa298c23d7c4cc74a4d82f8df09
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824
4201c7f627f9ecde1a72b8a87cf521454ef9faba294773ded2588eecba069162
45068adc3a9729e99f5950563f014d5060ac2bea681966e90ffc3ac5022ed1c0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49ede87f12c94c6ca43185c9cae029160f5c8e2031e6f89610c2426960bdc9a2
4e3aee4232b44aacbd9dd0ca2721ddabd2dba90ab40aa8faa9f3b4854a826a2d
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594395406053a257cc775041fab878f00a41873f1c0027f9f1b88c8384044dee
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c830c704d5f23fe054b5f5e91363ae2a4c5b2287d8363fe0dac52ac79588c3c
5d80d2e60d2648206522f221fbf7f369583edf5e87ae3582edd6ee34fce675d2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f0ff8f2f79aa470ed1831cd3503322d37468c51a1ac5bba9f14e0f392de095f
71b2a21fd2a1f7bd09569eac4f00ebbf3b5c27a17d36763670ca22feadd53854
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73b051041b42ab2f88f29ed3de66ca45c82f2201b17010ca2bb255be24c9081a
799207b8984fae58620fa7269a3cc9e5de76a1a75607f885fdea578584898aa4
7babf487f2bb478a8e32cc48676d96a89b26204978a7c9e673693d38e26d6d9b
7c9e71cd7d6f70a7d7c0d0b25d3327a02d1245567b39963090bb40f25f8796ee
7fd4cdb4acdd216cd89f8adde02bf0efb9b0c19de093c6da893abbd92c30385f
80c010622fb0f81dc3f3b1e7d3f9f662c4502e0d1c0c9440b1bc0336c314fb0f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853025403b31a8a58b01f17aafc8e6bb487ca624b9713ad81df38437df05fc2a
86d3ad61a152ba18ac3f576c8d24b0415a59337380d159bb1da2a283ff4971d6
87a3e2faf6eefa30cc675c72bc852a2d38bf364e1c682d04443bd9b7f2be06a7
8a3e4cb2b1a6aa9f6d109d500b563f64a2d41d45890d5cf85de9b52283571eed
8dd2e54a09b38c31cfc153f973ede5db1e36de8090b1f8841fd264be362ec0ce
8e7b87cb5543acb4be16bb91434272def2f32a66d8b41004d85e127eb6c048cf
92c1f992ddb36e99d52dc8c5555a21f1200d7bbc400dd10819c1758bbcc31f78
92d8e836e51c4440c1cd1cd705467344e5a515233385daa34972a00be9149ea4
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9f8941100e59e300852f66c9a22e7eaf02e42fae8b37ae45de4dbc766af7cd2b
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1a81247ebdf0caf0770e03bab0a93537bcd743b092c3236b55d53b0067545ad
a4cb54b3ee32f23a1753b976144fab6d68c8773cdcff20866899799177bd6548
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a900bbafdbf24d1ed04101ae70430450b4310b733802b784f507055781486268
aa176d5d956aef8f7f286b765c96ae219e0889cc2ae424fec2c4a942e2a6163f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b200c3dadfbd0d6a2a92f00221ee0a4ed958b56cbd0f6cb671fb7da9b967dc64
b2a4a48f182cfbb414b7fed8f9ab781c6744640d7e730955c835661b5640f82f
b386b9f941431d7d28d044f6203a5d50854f6c051b593988207b0ad145d5589f
b5611fb536b06b52803a09242886d58b9a453e8a64ee96a34240191b2e089e33
b57f3eff9d069623b6f0f0fd2c3f60453a99aa078dade7f7d980da2a5a2ce542
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
c3cd905e2f0b0883410d0a7796099be7fa14456a7d14ec102c29f2bc3c52abaa
c622c12e8824623770bcd32322a451ca6a2f3ca8322c587ad878a97a1f7f4a31
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce3f7b0bf2fd397249802815468553a2be4f18f0ebcceba59ee624fa6d679582
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d7d87d116a990bbeb69232de9bc7b3a1aa6e1ba045757e1507ed14ed0ff1d3a5
d81df1f9ad09534c040d534e3821b76b516b2b08e89f36ff0110e941436ab247
dd3c6f058f50ccc3ab108c7288bbd38f6cdf062549d5fee2b32960ca4a8c917f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df104fb622f5998b3646168d246d9a03c36c8e2490340ea1c9735f7a416d461d
df2db24627d3ae386f88ca9b731b1eb2c7ada1a09223a8a5c9fce2636be9efbb
df50731bf02e32aa53a4b423e21206ccd94858e884e2ebca1e63f426f0763930
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e1ab288523d4d1b074658538cdf720f6324827194c51f2b91ef1358468e641c4
e1ba4e00442936b986a864e8214f99001c9c935365066ac6e7f87a28469c4a5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6422c0cd2896da46b01bf3d520b634e2277d7393b1916aa19c143fa1fe42164
e80d56ecb1bf6466f69023c1aeda99091de79f7e74b2dba9737c46e7ae9dc900
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fcae3d8db5f251766244e1bae58a5eceedb7ed01db4ed8a36382524c5b8f40
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fc578513e2464763c0daa60422fe99174dca4bf47c0fa9321c1a7a728af68ffb
fc6f2880a6de2d5f9e0a2c7b78b66a21bc8c1a269b91b6d9cae7e5c30580a336
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6