urlscan.io logo urlscan.io
SecurityTrails logo

www.themoscowtimes.com Open in urlscan Pro
95.215.189.12  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Submission: On April 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 10 countries across 98 domains to perform 476 HTTP transactions. The main IP is 95.215.189.12, located in Netherlands and belongs to PROCOLIX, NL. The main domain is www.themoscowtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.
This is the only time www.themoscowtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 95.215.189.12 51758 (PROCOLIX)
21 95.215.189.11 51758 (PROCOLIX)
1 99.84.156.3 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 99.84.156.117 16509 (AMAZON-02)
1 99.84.156.48 16509 (AMAZON-02)
14 142.250.185.66 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 23.32.243.206 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.206.143.246 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 99.84.156.122 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2.16.107.18 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.55.110.204 20940 (AKAMAI-ASN1)
4 35.166.225.195 16509 (AMAZON-02)
16 65.9.66.84 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 18 216.52.2.30 30282 (AS-INAPCD...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:26f0:120... 20940 (AKAMAI-ASN1)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 52.37.176.195 16509 (AMAZON-02)
2 69.173.144.140 26667 (RUBICONPR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
7 21 37.252.172.38 29990 (ASN-APPNEX)
5 54.214.163.233 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.111.233.227 16625 (AKAMAI-AS)
3 7 35.227.248.159 15169 (GOOGLE)
2 3.127.178.105 16509 (AMAZON-02)
4 4 34.253.109.165 16509 (AMAZON-02)
1 18 216.52.2.19 29791 (VOXEL-DOT...)
12 12 54.154.158.183 16509 (AMAZON-02)
3 3 213.19.147.150 26120 (RHYTHMONE)
5 5 185.29.133.199 30419 (MEDIAMATH...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
17 22 142.250.74.194 15169 (GOOGLE)
3 69.173.144.139 26667 (RUBICONPR...)
5 5 18.185.197.81 16509 (AMAZON-02)
10 13 35.158.172.137 16509 (AMAZON-02)
3 3 66.155.71.149 13768 (COGECO-PEER1)
5 6 37.252.173.27 29990 (ASN-APPNEX)
7 10 52.215.237.248 16509 (AMAZON-02)
1 1 52.72.174.10 14618 (AMAZON-AES)
4 4 185.184.8.30 204995 (RTB-HOUSE...)
1 4 159.253.128.183 36351 (SOFTLAYER)
8 10 198.148.27.140 19189 (PULSEPOINT)
1 2 52.95.118.60 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
11 2.18.233.180 16625 (AKAMAI-AS)
2 16 52.209.7.203 16509 (AMAZON-02)
3 10 35.244.159.8 15169 (GOOGLE)
1 1 46.228.164.13 56396 (TURN)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 178.250.2.131 44788 (ASN-CRITE...)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 3.225.15.51 14618 (AMAZON-AES)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 35.174.135.52 14618 (AMAZON-AES)
1 193.122.130.38 31898 (ORACLE-BM...)
3 169.197.150.7 398989 (DEEPINTENT)
1 1 64.202.112.159 23352 (SERVERCEN...)
2 2 18.158.182.200 16509 (AMAZON-02)
1 1 213.19.147.151 26120 (RHYTHMONE)
6 6 151.101.114.49 54113 (FASTLY)
3 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.44 2514 (INFOSPHER...)
5 5 37.157.2.236 198622 (ADFORM)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 185.64.190.78 62713 (AS-PUBMATIC)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 35.168.104.13 14618 (AMAZON-AES)
1 3.219.93.236 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a02:2638::1c 44788 (ASN-CRITE...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 108.129.18.26 16509 (AMAZON-02)
2 40 199.232.137.44 54113 (FASTLY)
1 54.234.118.98 14618 (AMAZON-AES)
2 18.192.15.110 16509 (AMAZON-02)
2 213.19.147.210 26120 (RHYTHMONE)
2 185.94.180.124 35220 (SPOTX-AMS)
3 6 3.126.56.137 16509 (AMAZON-02)
5 5 52.28.254.214 16509 (AMAZON-02)
2 151.101.113.108 54113 (FASTLY)
3 4 178.250.2.151 44788 (ASN-CRITE...)
2 213.155.156.185 1299 (TELIANET ...)
2 4 185.86.137.131 201081 (SMARTADSE...)
5 42 185.64.190.80 62713 (AS-PUBMATIC)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 94.23.171.206 16276 (OVH)
2 63.251.232.170 29791 (VOXEL-DOT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 185.64.189.114 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (TURN)
2 2 178.62.202.251 14061 (DIGITALOC...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 34.98.107.212 15169 (GOOGLE)
4 14 141.226.228.48 200478 (TABOOLA-AS)
10 12 51.89.20.87 16276 (OVH)
4 4 52.57.243.4 16509 (AMAZON-02)
8 8 51.75.15.106 16276 (OVH)
4 4 34.251.130.56 16509 (AMAZON-02)
4 4 18.185.0.221 16509 (AMAZON-02)
2 2 172.105.221.29 63949 (LINODE-AP...)
2 192.132.33.46 18568 (BIDTELLECT)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 5 185.64.189.216 62713 (AS-PUBMATIC)
1 1 13.225.87.28 16509 (AMAZON-02)
2 2 18.185.192.106 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
2 99.83.181.31 16509 (AMAZON-02)
476 105
1    95.215.189.12 (Netherlands)

ASN51758 (PROCOLIX, NL)
PTR: host880.procolix.com
www.themoscowtimes.com
21    95.215.189.11 (Netherlands)

ASN51758 (PROCOLIX, NL)
PTR: host879.procolix.com
static.themoscowtimes.com
1    99.84.156.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-3.txl52.r.cloudfront.net
get.s-onetag.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    2600:9000:20e8:6600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
5    99.84.156.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-117.txl52.r.cloudfront.net
onetag-geo.s-onetag.com
1    99.84.156.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-48.txl52.r.cloudfront.net
signal-beacon.s-onetag.com
14    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a04:4e42:1b::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.32.243.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com
chimpstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    18.206.143.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-143-246.compute-1.amazonaws.com
ping.chartbeat.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    99.84.156.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-122.txl52.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
2    2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2.16.107.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-18.deploy.static.akamaitechnologies.com
cdn.avantisvideo.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com
02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com
2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com
25    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
3    2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.avantisvideo.com
1    23.55.110.204 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-204.deploy.static.akamaitechnologies.com
cdn1.avantisvideo.com
4    35.166.225.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-225-195.us-west-2.compute.amazonaws.com
avm.avantisvideo.com
16    65.9.66.84 (United States)

ASN16509 (AMAZON-02, US)
likevertising.com
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
gslbeacon.lijit.com
vap6ams1.lijit.com
6    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
2    2a02:26f0:120::211:78e9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
6    2606:4700:10::ac43:607 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
2    2607:f8b0:4004:807::2002 (Washington, United States)

ASN15169 (GOOGLE, US)
adservice.google.pl
2    2606:4700:3035::6815:2f1c (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
4    52.37.176.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-176-195.us-west-2.compute.amazonaws.com
exchange.adtrue.com
2    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
21    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    54.214.163.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
events.avantisvideo.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
7    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
4    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
18    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
12    54.154.158.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
3    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
5    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
22    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
5    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
13    35.158.172.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
10    52.215.237.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
data.adsrvr.org
match.adsrvr.org
1    52.72.174.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-174-10.compute-1.amazonaws.com
aorta.clickagy.com
4    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
4    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
10    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
11    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
16    52.209.7.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
eu-u.openx.net
u.openx.net
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
3    2606:4700:e0::ac40:6e08 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    2a02:26f0:7100:1b6::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
1    3.225.15.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    35.174.135.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.158.182.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-182-200.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
6    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
e1.emxdgt.com
1    124.146.215.44 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
5    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
content.avantisvideo.com
4    35.168.104.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    3.219.93.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    2606:4700::6811:70bc (United States)

ASN13335 (CLOUDFLARENET, US)
www.who.int
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2606:4700:e0::ac40:6f04 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
2    108.129.18.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
projectagora-483829-hdb.adomik.com
40    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    54.234.118.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
2    18.192.15.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-15-110.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
2    213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.185 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
4    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
42    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
2    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
3    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
14    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
12    51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
4    52.57.243.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
8    51.75.15.106 (France)

ASN16276 (OVH, FR)
cookie-matching.mediarithmics.com
4    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
4    18.185.0.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
u.ipw.metadsp.co.uk
5    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    13.225.87.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-28.fra2.r.cloudfront.net
cm.smadex.com
2    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
71 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
simage4.pubmatic.com
164 KB
54 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
sync.taboola.com
sync-t1.taboola.com
348 KB
39 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
409 KB
38 lijit.com
ap.lijit.com
gslbeacon.lijit.com
vap6ams1.lijit.com
pxdrop.lijit.com
ce.lijit.com
99 KB
30 googlesyndication.com
977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com
2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com
139 KB
29 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
61 KB
22 themoscowtimes.com
www.themoscowtimes.com
static.themoscowtimes.com
1 MB
18 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
content.avantisvideo.com
630 KB
16 gumgum.com
rtb.gumgum.com
5 KB
16 likevertising.com
likevertising.com
103 KB
13 bidswitch.net
x.bidswitch.net
4 KB
12 id5-sync.com
id5-sync.com
18 KB
12 bidr.io
match.prod.bidr.io
6 KB
11 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
onetag-geo-grouping.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
25 KB
10 openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
2 KB
10 contextweb.com
bh.contextweb.com
4 KB
10 adsrvr.org
data.adsrvr.org
match.adsrvr.org
4 KB
10 ampproject.org
cdn.ampproject.org
215 KB
10 adtrue.com
cdn.adtrue.com
exchange.adtrue.com
180 KB
9 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
7 KB
9 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
184 KB
8 mediarithmics.com
cookie-matching.mediarithmics.com
4 KB
8 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
2 KB
8 crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
4 KB
8 google.com
ampcid.google.com
www.google.com
adservice.google.com
2 KB
8 gstatic.com
fonts.gstatic.com
134 KB
7 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
7 tapad.com
pixel.tapad.com
2 KB
6 everesttech.net
sync-tm.everesttech.net
2 KB
6 360yield.com
ad.360yield.com
ice.360yield.com
3 KB
6 adpone.com
hb.adpone.com
530 KB
5 adform.net
c1.adform.net
2 KB
5 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 1rx.io
sync.1rx.io
tag.1rx.io
2 KB
5 rubiconproject.com
fastlane.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
pixel.rubiconproject.com
4 KB
5 googletagmanager.com
www.googletagmanager.com
195 KB
4 creative-serving.com
ads.creative-serving.com
3 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 criteo.net
static.criteo.net
103 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 simpli.fi
um.simpli.fi
2 KB
4 creativecdn.com
creativecdn.com
1 KB
4 smartadserver.com
prg.smartadserver.com Failed
rtb-csync.smartadserver.com
3 KB
4 google-analytics.com
www.google-analytics.com
58 KB
4 fontawesome.com
use.fontawesome.com
173 KB
4 googletagservices.com
www.googletagservices.com
120 KB
3 semasio.net
uipglob.semasio.net
2 KB
3 emxdgt.com
cs.emxdgt.com
e1.emxdgt.com
67 B
3 deepintent.com
match.deepintent.com
99 B
3 cdn-adtrue.com
cdn-adtrue.com
28 KB
3 turn.com
d.turn.com
ad.turn.com
1 KB
3 sitescout.com
pixel-sync.sitescout.com
944 B
3 google.de
ampcid.google.de
www.google.de
adservice.google.de
2 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
25 KB
2 w55c.net
pm.w55c.net
2 KB
2 bttrack.com
bttrack.com
760 B
2 appier.net
s.c.appier.net
722 B
2 playground.xyz
ads.playground.xyz
724 B
2 dotomi.com
pubmatic-match.dotomi.com
207 B
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 admedo.com
pool.admedo.com
783 B
2 zeotap.com
mwzeom.zeotap.com
984 B
2 ad4m.at
ad4m.at
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 erne.co
green.erne.co
525 B
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 de17a.com
d5p.de17a.com
268 B
2 spotxchange.com
search.spotxchange.com
2 KB
2 adomik.com
projectagora-483829-hdb.adomik.com
206 B
2 projectagoralibs.com
projectagoralibs.com
3 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com
474 B
2 rfihub.com
p.rfihub.com
1 KB
2 eyeota.net
ps.eyeota.net
688 B
2 projectagora.net
projectagora.net
207 KB
2 google.pl
adservice.google.pl
964 B
2 projectagoraservices.com
ads.projectagoraservices.com
10 KB
2 facebook.com
www.facebook.com
242 B
2 facebook.net
connect.facebook.net
97 KB
1 smadex.com
cm.smadex.com
524 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk
189 B
1 who.int
www.who.int
116 KB
1 avplayer.com
player.avplayer.com
54 KB
1 socdm.com
tg.socdm.com
697 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
585 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
168 B
1 clickagy.com
aorta.clickagy.com
665 B
1 acuityplatform.com
ums.acuityplatform.com Failed
706 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 chimpstatic.com
chimpstatic.com
579 B
1 googleapis.com
fonts.googleapis.com
1 KB
1 jquery.com
code.jquery.com
29 KB
1 onesignal.com
cdn.onesignal.com
3 KB
0 outbrain.com Failed
sync.outbrain.com Failed
476 98
Domain Requested by
27 simage2.pubmatic.com 3 redirects image6.pubmatic.com
ads.pubmatic.com
22 cm.g.doubleclick.net 17 redirects gslbeacon.lijit.com
rtb.gumgum.com
us-u.openx.net
21 ib.adnxs.com 7 redirects projectagora.net
cdn.adtrue.com
player.aniview.com
acdn.adnxs.com
21 static.themoscowtimes.com www.themoscowtimes.com
static.themoscowtimes.com
18 ce.lijit.com 1 redirects likevertising.com
gslbeacon.lijit.com
rtb.gumgum.com
us-u.openx.net
16 cdn.taboola.com likevertising.com
cdn.taboola.com
16 rtb.gumgum.com 2 redirects gslbeacon.lijit.com
rtb.gumgum.com
16 likevertising.com www.themoscowtimes.com
likevertising.com
15 image2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
15 ap.lijit.com 2 redirects likevertising.com
ap.lijit.com
gslbeacon.lijit.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.themoscowtimes.com
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.themoscowtimes.com
likevertising.com
13 x.bidswitch.net 10 redirects gslbeacon.lijit.com
rtb.gumgum.com
ads.pubmatic.com
12 id5-sync.com 10 redirects
12 trc.taboola.com 2 redirects cdn.taboola.com
12 match.prod.bidr.io 12 redirects
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.themoscowtimes.com
11 ads.pubmatic.com gslbeacon.lijit.com
ads.pubmatic.com
rtb.gumgum.com
cdn.adtrue.com
10 sync.taboola.com 4 redirects
10 bh.contextweb.com 8 redirects
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 match.adsrvr.org 7 redirects rtb.gumgum.com
us-u.openx.net
8 cookie-matching.mediarithmics.com 8 redirects
8 images.taboola.com likevertising.com
8 fonts.gstatic.com fonts.googleapis.com
7 pixel.tapad.com 3 redirects likevertising.com
image6.pubmatic.com
6 ups.analytics.yahoo.com 3 redirects
6 sync-tm.everesttech.net 6 redirects
6 secure.adnxs.com 5 redirects gslbeacon.lijit.com
6 cdn.adtrue.com likevertising.com
exchange.adtrue.com
www.themoscowtimes.com
6 hb.adpone.com likevertising.com
5 image8.pubmatic.com 2 redirects
5 pixel.advertising.com 5 redirects
5 c1.adform.net 5 redirects
5 us-u.openx.net 2 redirects gslbeacon.lijit.com
us-u.openx.net
5 rtb.mfadsrvr.com 5 redirects
5 sync.mathtag.com 5 redirects
5 events.avantisvideo.com cdn.avantisvideo.com
5 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
5 www.googletagmanager.com www.themoscowtimes.com
cdn-adtrue.com
www.googletagmanager.com
4 ads.creative-serving.com 4 redirects
4 sync.crwdcntrl.net 4 redirects
4 ice.360yield.com 4 redirects
4 sync-t1.taboola.com
4 visitor.fiftyt.com 4 redirects
4 match.taboola.com image6.pubmatic.com
4 rtb-csync.smartadserver.com 2 redirects
4 dis.criteo.com 3 redirects image6.pubmatic.com
4 static.criteo.net cdn.adtrue.com
static.criteo.net
4 track1.aniview.com player.aniview.com
4 pixel.quantserve.com 4 redirects
4 um.simpli.fi 1 redirects gslbeacon.lijit.com
ads.pubmatic.com
image6.pubmatic.com
4 creativecdn.com 4 redirects
4 bcp.crwdcntrl.net 4 redirects
4 hbopenbid.pubmatic.com projectagora.net
cdn.adtrue.com
4 exchange.adtrue.com www.themoscowtimes.com
cdn.adtrue.com
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 www.google.com 2 redirects www.themoscowtimes.com
4 www.google-analytics.com www.googletagmanager.com
www.themoscowtimes.com
4 use.fontawesome.com static.themoscowtimes.com
use.fontawesome.com
4 www.googletagservices.com www.themoscowtimes.com
securepubads.g.doubleclick.net
3 u.openx.net 1 redirects
3 uipglob.semasio.net 1 redirects ads.pubmatic.com
3 content.avantisvideo.com
3 image6.pubmatic.com ads.pubmatic.com
3 match.deepintent.com rtb.gumgum.com
image6.pubmatic.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
3 cdn-adtrue.com exchange.adtrue.com
likevertising.com
3 pixel-sync.sitescout.com 3 redirects
3 sync.1rx.io 3 redirects
3 static.avantisvideo.com cdn.avantisvideo.com
www.themoscowtimes.com
3 adservice.google.com securepubads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 bttrack.com cdn.taboola.com
2 s.c.appier.net 2 redirects
2 e1.emxdgt.com
2 pixel.rubiconproject.com cdn.taboola.com
2 ads.playground.xyz 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 match.adsby.bidtheatre.com 2 redirects
2 ad.turn.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 aud.pubmatic.com ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 s.tribalfusion.com image6.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 ad4m.at image6.pubmatic.com
2 cm.adgrx.com image6.pubmatic.com
2 green.erne.co 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 d5p.de17a.com image6.pubmatic.com
2 acdn.adnxs.com cdn.adtrue.com
2 search.spotxchange.com player.aniview.com
2 tag.1rx.io player.aniview.com
2 ads.adaptv.advertising.com player.aniview.com
2 projectagora-483829-hdb.adomik.com
2 projectagoralibs.com ads.projectagoraservices.com
2 gum.criteo.com static.criteo.net
2 player.aniview.com player.avplayer.com
player.aniview.com
2 eu-u.openx.net us-u.openx.net
2 ad.360yield.com 2 redirects
2 bidder.criteo.com cdn.adtrue.com
2 aax-eu.amazon-adsystem.com 1 redirects gslbeacon.lijit.com
2 p.rfihub.com 2 redirects
2 ps.eyeota.net likevertising.com
www.themoscowtimes.com
2 pxdrop.lijit.com www.themoscowtimes.com
2 googleads.g.doubleclick.net www.themoscowtimes.com
2 vap6ams1.lijit.com likevertising.com
2 fastlane.rubiconproject.com projectagora.net
2 projectagora.net ads.projectagoraservices.com
2 adservice.google.pl securepubads.g.doubleclick.net
2 ads.projectagoraservices.com likevertising.com
2 cdn.avantisvideo.com code.jquery.com
cdn.avantisvideo.com
2 www.facebook.com connect.facebook.net
2 onetag-geo-grouping.s-onetag.com signal-beacon.s-onetag.com
2 connect.facebook.net www.themoscowtimes.com
connect.facebook.net
2 static.chartbeat.com www.themoscowtimes.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 cm.smadex.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 sync.aniview.com player.aniview.com
1 www.who.int likevertising.com
1 go1.aniview.com player.aniview.com
1 player.avplayer.com cdn.avantisvideo.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com rtb.gumgum.com
1 play.aniview.com cdn.avantisvideo.com
1 d.turn.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org gslbeacon.lijit.com
1 pixel-eu.rubiconproject.com gslbeacon.lijit.com
1 ums.acuityplatform.com gslbeacon.lijit.com
1 gslbeacon.lijit.com ap.lijit.com
1 2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de www.themoscowtimes.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 ping.chartbeat.net www.themoscowtimes.com
1 ampcid.google.com www.google-analytics.com
1 chimpstatic.com www.themoscowtimes.com
1 mab.chartbeat.com static.chartbeat.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 fonts.googleapis.com static.themoscowtimes.com
1 code.jquery.com www.themoscowtimes.com
1 cdn.onesignal.com www.themoscowtimes.com
1 get.s-onetag.com www.themoscowtimes.com
1 www.themoscowtimes.com
0 sync.outbrain.com Failed rtb.gumgum.com
0 pixel-us-east.rubiconproject.com Failed gslbeacon.lijit.com
0 prg.smartadserver.com Failed projectagora.net
476 162
Subject Issuer Validity Valid
themoscowtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-21 -
2022-02-11		 a year crt.sh
static.themoscowtimes.com
R3		 2021-04-01 -
2021-06-30		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-01-11 -
2022-01-17		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
content.avantisvideo.com
R3		 2021-02-22 -
2021-05-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.avantisvideo.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
likevertising.com
Amazon		 2020-09-24 -
2021-10-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
paadserver.projectagora.info
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
*.google.pl
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
outstreamedia.com
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh

This page contains 82 frames:

Primary Page: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Frame ID: D31315803C158A9537BCFEA3CA722B2A
Requests: 114 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: A178A11766EE9376237A65CD8B71C3C7
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYkI8k56CxfVzLQYUW3J7TXBwatHin3b0Pemz14syWWwuEbZFX7zlnUE-D_0lcxrUJv3nDLryRsuWmnA9fT41aKt3t-JYYIz1p-6zkERR56UqV8GWupX5ld_gboxyTv-Kg4-AZM3Ux81LHJwzKac44wTXm3js5F1Cp8eVr2gDZkkpviNsGJACwPtob62Q9XHa7oiAntLPQchtqrl7-QTkkaf_zF6C4PIX4x9PERExRHItXV3O2wl8crw_rJQxDk0hg9hN_bhfkCZq-I7lZYeZ_et5tX3_8q1DdmVIaXckhgtjd0dtLSMGbbruOKT7g0Q&sai=AMfl-YQ3-HYsUjKgbsvdaaY7HzsfcpvggTNHb9eBDCt-PZuwMPuXmx06cAd1DrU0GUhlqSSRKwH7E55079bO4dRbMxTso8S814rtOu6g7TBb8G8Gv0Dqb11eJF5OOh9zz5g&sig=Cg0ArKJSzONtVKcRq-VBEAE&urlfix=1&adurl=
Frame ID: B05F9E57310AA8E24C11903095281872
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_lFjtFB9NWEXGMGh5eSyJOnWhOe4g6pbjGsQx1u6-tcQFC15Kb66-UQiulO-7xyYMr_UKpI-K1R2rKlKcXfyjlXlIwFxu_dW3rJUkZROGgfIjLFuRFgxuF8BrlLbJfaIQ6fWFLXufsYKJTA9PlbKB0iADkQVoju4Qb4jB2dvG0YU5tziIAQ4jRTub5dCMFwNClRb5hQu6fP3osJ5ycnCtngWIHAMKpSYNChDUaEFKWOy6iQwfMBewGKv2ZEAB3EMvaaFTXv7OdOipUx75seUNcqIUDL9RooBovYNqBdtabtOsp64kXn4XOiTYbQ6zfrFa&sai=AMfl-YQCvC5cVQsvgSBSMwh-f0DfiOOkTb4FlWuI7Vr_I285xtDLlBOlfyjHpjcossOmh1aqZs3J034pDiJivYB0E5fHRB-0sBn74dd3xL1D4fvgLe8VQT8MUVdl08j_Wms&sig=Cg0ArKJSzGwaT3b0oBOKEAE&urlfix=1&adurl=
Frame ID: C27F061ED6952B818ABBAEC28490FA63
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 018F8BF70E0602486CA4D5F287C02A90
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9FAD1C0A6A3654BDD73F736664A1A2AB
Requests: 10 HTTP requests in this frame

Frame: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Frame ID: AF2082CC3230A9137949D95C07042400
Requests: 12 HTTP requests in this frame

Frame: https://likevertising.com/stat?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a5&cb=4673201618502858814
Frame ID: 0B5DEA3F7099FF27009540E18D41E1DE
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d9&cb=6046781618502858815
Frame ID: 3024AED6EE65164E7B4768C9F24F7AEB
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/send?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c277&cb=0823671618502858816
Frame ID: 4BE839995017D8EA6711FE1FF9AF6566
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Frame ID: 985ED99F1E6B124FA466D0A0016DA089
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/user?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=3565061618502858819
Frame ID: DC6EBA5FDDE2EC7D0A0BC48C931FCA27
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2BB231A548AE6BD9C6BC0E3362DFA6F5
Requests: 10 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Frame ID: A27AFE8091BB8AE2467BA9641C03C127
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d67&cb=9021261618502858840
Frame ID: 7E49CF01D2F6D64C41BB24CA0AB5E47B
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768699&cb=9590361618502858841
Frame ID: CBD6D504DC4BA726EBF09C27751CE72B
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Frame ID: 0FA820099A68064CCBD731029E365FB7
Requests: 12 HTTP requests in this frame

Frame: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc3&cb=6273051618502858843
Frame ID: B0936FC2B286D2F76CB3E737E9959246
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b7&cb=9326051618502858844
Frame ID: F628E28E4E040BDAEE8ED0C23C0695BA
Requests: 2 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=556710260&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Frame ID: 6466A4BC539A25A1B1684542BFC54BAF
Requests: 11 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3923687808&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Frame ID: 076B8D92A02E0032B045F1C0DADDFAE8
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 0B13400418080664CE0C42014D553097
Requests: 13 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Frame ID: 6160C84FEC386436C92F94BEE010A38A
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: E49F68BA382309FA1E3FE4A03FEF70AA
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4953FB3E8153A7885D0B64E522C54EE9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0B9DC2932710444B8ED8BD583C92B4D6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: C6B02591C1B5315C31E3CDF13A9EB0CD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: EF3B63F257868902D730B4355F604836
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: CBD6D5BFC19AC4D36B66A5019866B8AF
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: B3C21143D58DDCBD8FDFFC6DB3C5A805
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7717423280491194807&gdpr=1&gdpr_consent=
Frame ID: 9C397E871817D9F2A1FF9CA2DA78929C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E0D28BECF6C219BC573C3F175CA5A0A7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 50F4ECF5D89F7E5DE59E5FF361E218C4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Frame ID: F61A02D486F45C77A0554DDCB70615F5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
Frame ID: 696348ACFF041DF8D38CB0B1A4F01208
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YjNkZThmMS1iNDNhLTQ1NDctYWIyNy0yYTgzNTEyMjdiOTc=&gdpr=1&gdpr_consent=
Frame ID: 0DBA78DC2BACF5538A294F1EB23DDC26
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 8839B96B104E880A0F06C97EA040BED0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 03B7ABA9C36B251A887BECAAFF7B8C69
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 1EE83F466910519057DEC8BA62FE2D75
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
Frame ID: C70C3CB445F0B4D3760CD3BF857A7EDF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739025954424340
Frame ID: C125B92CED7829502CC5D11FD3F085AF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
Frame ID: C669DBFAC0796BE72FFC1BF983FCB672
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 20D2AC6FB4928502B2BE2FE3926B89D0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: E67BCD014F39C9C9F754A07F9812AE26
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FA8E397EFC44C04AE19906F931BFF060
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Frame ID: 0D37F4CE70FBD718B8DF3FAB5466E2FB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.themoscowtimes.com
Frame ID: C4CEDEC9C17DBD5AD7130F843018FCD4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.themoscowtimes.com
Frame ID: 4F727CFC30BB0ED277C60A445C27E918
Requests: 1 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 439480304293227802F4A85533ADABF6
Requests: 18 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 10FE90C0693304B1EA504BE21EF8D9C0
Requests: 14 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
Frame ID: 919C0FA4A5B3F3F8C0A1683898140531
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6F80BD105E01E425727A3C1E212BB1D3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 72B2E670B001D23DD1998E00A96D3401
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4786C5222A4DB7C0D41E68463AA3FCFB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 87135D1B7D31FE1D925C9B89349C3D9F
Requests: 25 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A413E811C58C3DB7BD641FBC1E4D0861
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: A184030C0CEC1EC9DD7EFE351E080928
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2iU7A8MoAACpu2PriFQ
Frame ID: 1F614A19B6DE7E97737CCE3DAFC8159D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Frame ID: A75C7098199FB0E67C7B230E617C1662
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Frame ID: 562F07D2BEEB008CCDDE49A53985FAAE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EB614712C1558AC245A9F0674AD3BF7B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2C98AD4C638DDBF3FFEA52B6EB21DC9C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BCABD8B4765FD05FF7AE3DF9E0FF468D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bsNtUEKgKG5N&pid=557219
Frame ID: 2BDA3898BA8CC07ED3D62BC94CA33D47
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FE53B99AB8673AD2BF1A4BB68DFFB1E0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 11A39F7C2352F707A5FAD0F0B1CC2630
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 968229C61E565C7160EE1D30E42FA570
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3Dac7e50ce-7b0a-497b-8b9f-34a47e9431dd&isDirect=0
Frame ID: 1F57A73D33EA50F02C3A9B0AE931F300
Requests: 18 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 07C52492C38C4B108082860922893B78
Requests: 18 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: B4070AD2B60E058D95181712FB259BAC
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: C17B26A6EE940E11C0C6E8ED399A941E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqK07A8MoAACrY0_5rMg
Frame ID: 3228A87ED8937E6DA2B6EF6FDFEDC54B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Frame ID: EF19B50FFA194A6388DF10CB67F062C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Frame ID: 5712F0A730EB3AD243BA0E49C90725DB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 16E930806D1AD4A1A0188D8581144256
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 955148E3A55632B4420794BDE525F7C5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 04E4BEA250B88D3BFE831DC71CBF5063
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=acpcSAuIR0TY&pid=557219
Frame ID: 6DA05AF23E79094CDE41EE5A3319786F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 327D6C6296583BB5D1BB8CB972043747
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 3BF1FF3CAD6B84B7AD0BC3A1979DCE61
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 4467433581DDBF80FC993EBE952641D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qGMZEBpu1Lx4wW5&gdpr=0&gdpr_consent=
Frame ID: EC4E2740425F78499F0B544BCFA27B0B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

476
Requests

99 %
HTTPS

30 %
IPv6

98
Domains

162
Subdomains

105
IPs

10
Countries

5522 kB
Transfer

13285 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 181
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 185
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
Request Chain 187
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=6e6204e5ca60dc41f216a9e2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=6e6204e5ca60dc41f216a9e2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
Request Chain 189
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 193
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent=
Request Chain 194
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=0816e6ee7dd826d672704c5d/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=0816e6ee7dd826d672704c5d/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
Request Chain 197
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AABxQk7A8MoAACj4VVqJTg&gdpr=1
Request Chain 198
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 199
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=6e6204e5ca60dc41f216a9e2&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Request Chain 200
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=875739025954424340
Request Chain 201
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy
Request Chain 204
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd
Request Chain 205
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 207
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 211
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=6e6204e5ca60dc41f216a9e2&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:42902b43772eb9b7f74fef86f8df35c0
Request Chain 212
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=jzYATyA5oAbovpgI047v&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 213
  • https://um.simpli.fi/lj_match?r=1618502859718&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 214
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=o7fpAEjiu3X6&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 215
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 216
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=gQTOP4EAmmSaBs00j1LUP4ENzmSaAswxg1CEfmnH
Request Chain 220
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 221
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=7717423280491194807&gdpr=1&gdpr_consent=
Request Chain 243
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4462823264694872990
Request Chain 245
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&obuid=ENC(Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn)
Request Chain 246
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=bae102f8-bf3c-085a-38f5-ee00dd0ab2a9
Request Chain 248
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-9uM5dMRE2pfVURt030aMHvd7.CSqsum_o9X_~A
Request Chain 249
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=b60ec0fe-9e04-11eb-bff9-b9567abcfdd5
Request Chain 252
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 253
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=dc697243-71bb-4721-ba85-e57153494f64
Request Chain 254
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6195468802 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6195468802 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a6429d93-482e-44a2-98c9-d29478d6992a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003
Request Chain 255
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=pruvEd00HhIT&ev=1&pid=558355
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
Request Chain 263
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
Request Chain 264
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=875739025954424340
Request Chain 265
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00ff6078-64cb-4100-85b9-f50803ea647b
Request Chain 268
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=z8EUhM_FQN_UwxePwZcOhM_IFN_UxxaKzZW85EwU
Request Chain 269
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1095297685178457468
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIOOQS9UEH3OOu00HN4fhXg&google_cver=1
Request Chain 318
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618502861963-956140594381-032059-009-006646%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6429d93-482e-44a2-98c9-d29478d6992a&_origin=1&gdpr=1&gdpr_consent=
Request Chain 351
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb5b88af4-9e04-11eb-a448-06ee44d609ba HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiNWI4OGFmNC05ZTA0LTExZWItYTQ0OC0wNmVlNDRkNjA5YmE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
Request Chain 352
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
Request Chain 368
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCeFFrN0E4TW9BQUNqNFZWcUpUZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABxQk7A8MoAACj4VVqJTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABxQk7A8MoAACj4VVqJTg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABxQk7A8MoAACj4VVqJTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4977431938741012291 HTTP 303
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4977431938741012291&_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2iU7A8MoAACpu2PriFQ
Request Chain 369
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Request Chain 370
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Request Chain 373
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 374
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bsNtUEKgKG5N&pid=557219
Request Chain 375
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 377
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33F3FmUOT1y5aFXDf_Z48Q%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 380
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 381
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF717716-650E-4F5C-B968-55C37FF678F1&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF717716-650E-4F5C-B968-55C37FF678F1&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF717716-650E-4F5C-B968-55C37FF678F1&addseg=21
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY3MTc3MTYtNjUwRS00RjVDLUI5NjgtNTVDMzdGRjY3OEYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOtHYelNZzNgKpg2hqL4XL8&google_cver=1
Request Chain 385
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
Request Chain 386
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1095297685178457468
Request Chain 387
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=0&gdpr_consent=
Request Chain 388
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4462823264694872990&gdpr=0&gdpr_consent=
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f091c0a-3530-4dd1-95fd-89ada1c252e2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f091c0a-3530-4dd1-95fd-89ada1c252e2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=43f23574-6b71-413a-8c0a-9ec7f6afaa75&user_group=1&ssp=pubmatic&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 391
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF717716-650E-4F5C-B968-55C37FF678F1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kUmz3wlE2uXTqKuidzh1AIK1l4quW_0-~A&gdpr=0&gdpr_consent=
Request Chain 392
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W
Request Chain 393
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7717423280491194807&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 394
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhkzQAAHM8Z2QAC&gdpr=0&gdpr_consent=
Request Chain 395
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 396
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 398
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4658588479070967429
Request Chain 399
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Request Chain 400
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3Dac7e50ce-7b0a-497b-8b9f-34a47e9431dd&isDirect=0
Request Chain 403
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=x09m7GUqrmsz&ev=1&orig=trc&pid=562107
Request Chain 404
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4462823264694872990&orig=trc
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKrt2CrfNVd62QRMKIyCP_g&google_cver=1
Request Chain 407
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&google_tc=
Request Chain 408
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
Request Chain 413
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4767ea6b-8d68-4fbb-a000-adcc64286794
Request Chain 414
  • https://id5-sync.com/s/464/9.gif?puid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO4zC1yvIqjpFCerq_Yi5t1fletNBMAE3izkgZ-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO4zC1yvIqjpFCerq_Yi5t1fletNBMAE3izkgZ-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=74e47178-c67d-473e-937b-183ef30943e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENsQpj0O-13Zzcmc9P3nGIQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4658588479070967429&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16927336776&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=297033f4-2e48-4578-95a9-cd4d4f17c728&gdpr=1&gdpr_consent=
Request Chain 415
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=KVszUAcZB26HWqeh0GR4YA
Request Chain 417
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
Request Chain 418
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJDMUIxRDktQjA0MS00QTdGLTlBODktNDk5MTlCMzJCM0FE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 419
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0UzRENBQTItMjEyQi00MkU1LTg3NzMtQjlFMjQ2MEJGMkY4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 420
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 423
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
Request Chain 424
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_BKQoDEXDaW5rMrV0GR4YA
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=fa59da56-e24a-42e1-89ef-befa1f2b7151 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=850b2d6e-20b5-4a69-a0a4-b4ad55d5ae0e&expires=10&ssp=taboola&bsw_param=fa59da56-e24a-42e1-89ef-befa1f2b7151 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
Request Chain 427
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1582a6a1-40a3-4078-8caa-5593100a009f&isDirect=0
Request Chain 428
  • https://u.openx.net/w/1.0/sd?id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
Request Chain 429
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gwfdQ2K3QvyF&ev=1&orig=trc&pid=562107
Request Chain 430
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4658588479070967429&orig=trc
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENhvI8cDpzVQe2gckvwGL2E&google_cver=1
Request Chain 432
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 433
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
Request Chain 434
  • https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 438
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7d4d1cda-7e1f-4b45-b32c-1065d30a6d87
Request Chain 439
  • https://id5-sync.com/s/464/9.gif?puid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-4txmPIjGpoMa1URDbUd-Ox4Ob8p3HBIBaOFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-4txmPIjGpoMa1URDbUd-Ox4Ob8p3HBIBaOFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=74e47178-c67d-473e-937b-183ef30943e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENsQpj0O-13Zzcmc9P3nGIQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4658588479070967429&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16927336776&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=b9558095-2458-42ad-8c73-c5fbb77c248e&gdpr=1&gdpr_consent=
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ72zmsiULydp_pR8C5VsI&google_cver=1
Request Chain 446
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 447
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
Request Chain 448
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668053295650009157
Request Chain 449
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6726078-64d2-4000-89c4-5c47b028dbcf&gdpr=0&gdpr_consent=
Request Chain 451
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4658588479070967429&gdpr=0&gdpr_consent=
Request Chain 452
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e
Request Chain 453
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMmlVN0E4TW9BQUNwdTJQcmlGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE2iU7A8MoAACpu2PriFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8808815724829575093 HTTP 303
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8808815724829575093&_bee_ppp=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADqK07A8MoAACrY0_5rMg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8808815724829575093%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=8808815724829575093&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADqK07A8MoAACrY0_5rMg&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqK07A8MoAACrY0_5rMg
Request Chain 454
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Request Chain 455
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 456
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 457
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Request Chain 458
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5872126167561975729
Request Chain 460
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c14cf062-5ea2-4bfa-a149-9b2e955390b6
Request Chain 462
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 463
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=acpcSAuIR0TY&pid=557219
Request Chain 464
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 466
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 467
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qGMZEBpu1Lx4wW5&gdpr=0&gdpr_consent=
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fj3KoiErQuWHc7niRgvy-A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 471
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&addseg=21
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=fa59da56-e24a-42e1-89ef-befa1f2b7151&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic
Request Chain 474
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZiuAlrpE2uUscgm87819cH4cT2nrk2M-~A&gdpr=0&gdpr_consent=
Request Chain 475
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882678080082226794&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 476
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YHhk0gAAHn9HMgBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhk0gAAHn9HMgBg&gdpr=0&gdpr_consent=&_test=YHhk0gAAHn9HMgBg

476 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
www.themoscowtimes.com/2021/04/15/ 		58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.215.189.12 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host880.procolix.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
b5e79dfc3cc2e6761bd48ef732edccaa93e64b3e67837499a4dfc0a833e1ae5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Host
www.themoscowtimes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=15552000
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, private
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
14523
Connection
close
Content-Type
text/html; charset=UTF-8
main.css
static.themoscowtimes.com/css/ 		187 KB
187 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/css/main.css?v=28
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
fcfb2967769ae00c7c9024bf6d7765adb7aa7bea15db5a9b3c3213ba45b92907
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-2ebf6"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
text/css
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
191478
X-Content-Type-Options
nosniff
tag.min.js
get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-3.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f6c910971dd5b42c99835ff5e3d6dcdba3eb9735368bfbefdeeab88c45d5abc

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1SkQP0orxGbWmBZos0.OQF658a_AEtgy
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 11:48:08 GMT
server
AmazonS3
age
38688
etag
W/"5e568e0b6202c88bdf9b2d5ec871ffe4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 15 Apr 2021 05:22:50 GMT
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
twuSfThA4vYU_op_fZz76hmEVaJ2f7RgZI-kvqq7FStqlkS-F5XuuA==
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3060
etag
W/"1462b90a76cb55e61497af0c736a3b3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
64066d8c9e3f97c0-FRA
cf-request-id
0977e2cbde000097c08e061000000001
expires
Sun, 18 Apr 2021 16:07:37 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:6600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 15:50:20 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 01:43:44 GMT
server
nginx
age
1037
etag
W/"5fc6f150-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
KpthfQ8dRMQj3i-k-lGsFUr7W9eeJHyx8orcMrkQ6u_IWZhiKa5d-A==
expires
Fri, 16 Apr 2021 15:50:20 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e20480a6db05edcb97721f4b34f3ab0f7d7ad532dedc10d3da60b2b7a29810b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"843 / 570 of 1000 / last-modified: 1618497091"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21043
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:37 GMT
logo_1280.png
static.themoscowtimes.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/img/logo_1280.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
236ddfb4c7ba17cb430dd68df496bb75143ccfc0a178367056b35605ef0160a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-d003"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
53251
X-Content-Type-Options
nosniff
Image-1-2.png
static.themoscowtimes.com/image/320/d1/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/d1/Image-1-2.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
706f2859ab8219f2253ca9574296d2797c3d63287b7786d861d71a2def8ab26a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 03 Oct 2019 14:50:52 GMT
Server
nginx/1.10.3
ETag
"5d960acc-1227d"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
74365
X-Content-Type-Options
nosniff
000_97Z9YX.jpg
static.themoscowtimes.com/image/article_1360/67/ 		256 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_1360/67/000_97Z9YX.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
d04e1b523b6859a23df2b817c52f57807d168e5be2a36d4cf839f22483eadbb6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Apr 2021 13:39:46 GMT
Server
nginx/1.10.3
ETag
"60784222-3fe53"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
261715
X-Content-Type-Options
nosniff
TASS40194474.jpg
static.themoscowtimes.com/image/article_640/0f/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/0f/TASS40194474.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
183b3328288a687248f1ac3a87bccec303b628997bec28100ef0034366a193ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Apr 2021 13:54:19 GMT
Server
nginx/1.10.3
ETag
"6078458b-472c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
18220
X-Content-Type-Options
nosniff
CEC4709D-D924-4E7A-92A8-B57017E0A55F.jpeg
static.themoscowtimes.com/image/article_640/46/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/46/CEC4709D-D924-4E7A-92A8-B57017E0A55F.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
c3e5a368da9dac220bf51ddb67f4e274d114bb6071d8f9460901b991e9b0b8a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 03 Mar 2021 07:05:14 GMT
Server
nginx/1.10.3
ETag
"603f352a-3b95"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
15253
X-Content-Type-Options
nosniff
234824b831ef4388a00df979ff97e649.jpg
static.themoscowtimes.com/image/article_640/bf/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/bf/234824b831ef4388a00df979ff97e649.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
29bdcf9b0e0ef668ecf8a3cace6a54c949a2a1ef20a93ea04b88728ed190a9f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Sun, 17 Feb 2019 14:28:47 GMT
Server
nginx/1.10.3
ETag
"5c696f9f-5948"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
22856
X-Content-Type-Options
nosniff
504b1c2056a54ff0bb369c95bbb7eee5.jpg
static.themoscowtimes.com/image/article_640/83/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/83/504b1c2056a54ff0bb369c95bbb7eee5.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
582f12576639581f59fe7f9348c7437a025b96f469ef18da0afcc89783a1cfc7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Feb 2019 09:53:31 GMT
Server
nginx/1.10.3
ETag
"5c62979b-5c0d"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
23565
X-Content-Type-Options
nosniff
GyfLy3HP_400x400.png
static.themoscowtimes.com/image/320/03/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/03/GyfLy3HP_400x400.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
a21374a3f8e02566ede77b6371937fcf2869587e01b38389552193a4ff9ef56c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:09 GMT
Server
nginx/1.10.3
ETag
"5dca8cbd-40bf"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
16575
X-Content-Type-Options
nosniff
CWJdLmXk_400x400.png
static.themoscowtimes.com/image/320/3f/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/3f/CWJdLmXk_400x400.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
1c4c5f95ac39592247ba98f6be4c5124d948da7e1ec8210c0e26ec1ad0b9c87f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:42:10 GMT
Server
nginx/1.10.3
ETag
"5dca8c82-3625"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
13861
X-Content-Type-Options
nosniff
LUWCANFI_400x400.jpg
static.themoscowtimes.com/image/320/36/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/36/LUWCANFI_400x400.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
fc8910a12a56baa8d399a29ea83ff9d09e9326cd7a38be03892a0333df79c931
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:20 GMT
Server
nginx/1.10.3
ETag
"5dca8cc8-212c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8492
X-Content-Type-Options
nosniff
apple-icon-180x180.png
static.themoscowtimes.com/image/320/b5/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/b5/apple-icon-180x180.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
cbcac3c98cf9658fbaa2ccbd75656668ed9338059ce94fac4b50c48c10f3e90e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 07 Sep 2020 14:43:37 GMT
Server
nginx/1.10.3
ETag
"5f564719-8272"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
33394
X-Content-Type-Options
nosniff
icon-180x180.png
static.themoscowtimes.com/image/320/0a/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/0a/icon-180x180.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
269eb85c158413a8e1c036fc2f3aa2360f35cdc4999234028be80b94e9ec2389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:15 GMT
Server
nginx/1.10.3
ETag
"5dca8cc3-ac6c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
44140
X-Content-Type-Options
nosniff
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1618502857.dop234.fr8.t,1618502857.cds203.fr8.hc,1618502857.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
Timeago.js
static.themoscowtimes.com/vendor/jquery/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/Timeago.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
51d2ca3e2554c558c0638095a604a4a3cdc1a914ca9a5f0ace149245b76804c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Apr 2020 08:53:55 GMT
Server
nginx/1.10.3
ETag
"5e9d6323-1a99"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
6809
X-Content-Type-Options
nosniff
Lightbox.js
static.themoscowtimes.com/vendor/jquery/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/Lightbox.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
f8ca71efa8f9823626b975330f1cd7dde8163230fba36ba1ccf8bf9182ea46cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Dec 2016 06:20:54 GMT
Server
nginx/1.10.3
ETag
"584112c6-1597"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5527
X-Content-Type-Options
nosniff
fitvids.js
static.themoscowtimes.com/vendor/jquery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/fitvids.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
206bf243e0b1ba7ef7435675de712d76c920dc8b2f1c6799f1ba89d2986e2e20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 17 Jan 2019 14:30:47 GMT
Server
nginx/1.10.3
ETag
"5c409197-a54"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2644
X-Content-Type-Options
nosniff
2.029e1553.chunk.js
static.themoscowtimes.com/js/react/newsletters/ 		184 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/js/react/newsletters/2.029e1553.chunk.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
1cfee043979f75654901789b9c10ded17e85982acd6a66e21614c36949d85fc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-2de41"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
187969
X-Content-Type-Options
nosniff
main.4cf539d3.chunk.js
static.themoscowtimes.com/js/react/newsletters/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/js/react/newsletters/main.4cf539d3.chunk.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
d5295c97529e9d7a0304c2e17eae16173ea2417661479ff80b35da151390fbbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-2d47"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
11591
X-Content-Type-Options
nosniff
init.js
static.themoscowtimes.com/js/react/newsletters/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/js/react/newsletters/init.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
e2f8cd876768e15cdc9167bdff85d98e23c6e419c33df986cb91678613e542e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-728"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1832
X-Content-Type-Options
nosniff
Yellow.js
static.themoscowtimes.com/vendor/yellow/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/yellow/Yellow.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
c623e82418aeacccf4b6feed6c69d7aeab0f81ae791e91eb448b8f61a50671c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 03 Jan 2019 16:54:46 GMT
Server
nginx/1.10.3
ETag
"5c2e3e56-6c05"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
27653
X-Content-Type-Options
nosniff
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 16:09:20 GMT
server
NetDNA-cache/2.2
etag
W/"76cb46c10b6c0293433b371bae2414b2"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.css
use.fontawesome.com/releases/v5.13.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 16:09:22 GMT
server
NetDNA-cache/2.2
etag
W/"fb073a92592d70e5aa6e3cce1cf93a11"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b74fc3666be448b57191d1b21d896316748bd0b311eb01e344f2f90d8237954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 16:07:37 GMT
server
ESF
date
Thu, 15 Apr 2021 16:07:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Apr 2021 16:07:37 GMT
gtm.js
www.googletagmanager.com/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR8JKK
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e187dfd6bb0e777360c81c9b81bc219d946374a2d3ef4cf3568977e5b4fec08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35085
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 15:31:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Apr 2021 16:07:37 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:6600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 15:16:06 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
3091
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
smsBRKA9z4fK_ooX2dPgccry3siEzSi1jVqdIXZ5U4WLK6QPlYTS_g==
expires
Fri, 16 Apr 2021 15:16:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
240708
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:49 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
last-modified
Mon, 23 Mar 2020 16:08:17 GMT
server
NetDNA-cache/2.2
etag
"b15db15f746f29ffa02638cb455b8ec0"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
79444
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
age
240729
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:28 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 00:08:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:09:53 GMT
server
sffe
age
57577
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19300
x-xss-protection
0
expires
Fri, 15 Apr 2022 00:08:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
161532
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 13 Apr 2022 19:15:25 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
last-modified
Mon, 23 Mar 2020 16:10:04 GMT
server
NetDNA-cache/2.2
etag
"a06da7f0950f9dd366fc9db9d56d618a"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
76612
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
240708
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:49 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:17 GMT
server
sffe
age
367436
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19128
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:41 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5c9e4876832936836619c0b253bd8fd6c739560a6d5f287f51ac71b2edf7ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:05 GMT
server
sffe
age
367438
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19056
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
240737
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:20 GMT
/
onetag-geo.s-onetag.com/ 		24 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:34:16 GMT
via
1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront), 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
age
12801
x-amzn-requestid
2e823267-a8f7-4939-bff3-484e3a01b4f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, TXL52-C1
x-amz-apigw-id
d0zfWHc8iYcFizw=
content-length
24
x-amz-cf-id
44-UlE5WJnMhr8i9yz4dGD3bczjzn2OpuVLEnbA_TeW0M4YGhQDB0w==
beacon.min.js
signal-beacon.s-onetag.com/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-48.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86fcf33dad06e2c94c8b6d0800075eeb09a286c01837329da371da7d859dabf8

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 14 Apr 2021 19:06:22 GMT
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 13:58:10 GMT
server
AmazonS3
age
75676
etag
W/"213fdcebf159b76b249f26984c224a68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
FxELgS0AF3DM.nbOOvZ9uVTuXEGtZU5d
via
1.1 b88825ad151091557d336c3519215162.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
content-type
application/javascript
x-amz-cf-id
FuikZ8GqmRtNjhKSCGKzGSv7XeYJdreDNHdUaChCmmwyA_l7tcxCig==
pubads_impl_2021041201.js
securepubads.g.doubleclick.net/gpt/ 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106031
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:37 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		259 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=themoscowtimes.com&domain=themoscowtimes.com&path=%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fae6da6065d3dc40129e76b38b29922e9f32cb683c1eea074dd004ae0c42329a

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
age
1212
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
expires
Tue, 13 Apr 2021 15:47:26 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits
1
accept-ranges
bytes
x-timer
S1618502858.823259,VS0,VE1
content-length
193
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by
cache-hhn4037-HHN
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR8JKK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4463
date
Thu, 15 Apr 2021 14:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 15 Apr 2021 16:53:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23960
x-fb-rlafr
0
pragma
public
x-fb-debug
haVRxHiranq3MkhgXMl3Zt0IMULzL2FKXv/wr5Sr0qVmobiLoZo5wRVb/jyPvUSvVfb91XJL90ndLqVgXhYBnA==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Thu, 15 Apr 2021 16:07:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ede2b9c6411f6d0ebc48cb31e.js
chimpstatic.com/mcjs-connected/js/users/239926d40266233686ee429be/ 		50 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/239926d40266233686ee429be/ede2b9c6411f6d0ebc48cb31e.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
99
Date
Thu, 15 Apr 2021 16:07:37 GMT
Last-Modified
Mon, 28 Sep 2020 12:02:51 GMT
Server
AmazonS3
x-amz-request-id
A4606814F9780D65
X-EdgeConnect-MidMile-RTT
0
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=1635
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
QvHUUfFtnDQmdDj7epA/qBFLTlWY/vEEaLIZhMCUtzqBsQtiVZjqC0n1w/xss8u/1coxsOlg8zs=
Expires
Thu, 15 Apr 2021 16:34:52 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
main.js
static.themoscowtimes.com/js/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/js/main.js?v=28
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/vendor/yellow/Yellow.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
52b5333331d3d0a43ed43e779f2885d37d0ac62af22b15988a4fda90bee8a6ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:37 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Apr 2021 15:18:39 GMT
Server
nginx/1.10.3
ETag
"606735cf-9f96"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
40854
X-Content-Type-Options
nosniff
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=themoscowtimes.com&p=%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&u=4WgjD-Lsi2C8Y6VZ&d=themoscowtimes.com&g=66129&g0=News&g1=Jake%20Cordell&n=1&f=00001&c=0&x=0&m=0&y=6280&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=929&t=DIndnBB_opcaCK_XTBDdfmMFT38lg&V=126&i=Explainer%3A%20Why%20Is%20the%20U.S.%20Sanctioning%20Russia%20and%20What%20Impact%20Will%20it%20Have%3F%20-%20The%20Moscow%20Times&tz=-120&sn=1&sv=1hukIBc-WOhB8EGSZgCPWGBIyUF9&sd=1&im=067b3fff&_
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.143.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-143-246.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Apr 2021 16:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
onetag-geo.s-onetag.com/ 		24 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:34:16 GMT
via
1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront), 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
age
12801
x-amzn-requestid
2e823267-a8f7-4939-bff3-484e3a01b4f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, TXL52-C1
x-amz-apigw-id
d0zfWHc8iYcFizw=
content-length
24
x-amz-cf-id
AaJvUKhRypbL1DYbjQTXl8N_0cAQ50SAQ6BEKb3gKZPybutwlkhC0Q==
collect
stats.g.doubleclick.net/j/ 		4 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-4186815-1&cid=2122645519.1618502858&jid=2100646348&gjid=47801903&_gid=2141527805.1618502858&_u=YGBAgAABAAQCAE~&z=1178551155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Apr 2021 16:07:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1753489618&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&ul=en-us&de=UTF-8&dt=Explainer%3A%20Why%20Is%20the%20U.S.%20Sanctioning%20Russia%20and%20What%20Impact%20Will%20it%20Have%3F%20-%20The%20Moscow%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAQC~&jid=2100646348&gjid=47801903&cid=2122645519.1618502858&tid=UA-4186815-1&_gid=2141527805.1618502858&gtm=2wg472TR8JKK&z=938332012
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 04:57:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40229
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
342433566951762
connect.facebook.net/signals/config/ 		261 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/342433566951762?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94f5cda81f68f1844062663655ea584aafcb3e86e5eb6c668220b9d1ed32e39c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74900
x-fb-rlafr
0
pragma
public
x-fb-debug
ZU1/mVPL38USNeq+T6t0mX49i5oLSlfmVJRmCQ0FhKVQmezSpJ0oPQ5gQHtiTBBr1mYcFFwsBw3fZ84LSdM6mw==
x-frame-options
DENY
date
Thu, 15 Apr 2021 16:07:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-4186815-1&cid=2122645519.1618502858&jid=2100646348&_u=YGBAgAABAAQCAE~&z=1537955390
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-4186815-1&cid=2122645519.1618502858&jid=2100646348&_u=YGBAgAABAAQCAE~&z=1537955390
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-122.txl52.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 04:46:19 GMT
content-encoding
gzip
server
restify
age
40879
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
fTJEENd-mVYgIvlFULgObnsuWVVeIblYSx5aYbdjyn7rELhwAQPSlQ==
via
1.1 a477b8537c9bc4c10a3c144386a7b5bf.cloudfront.net (CloudFront)
/
www.facebook.com/tr/ 		0
227 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQTt5tgpMzQnmbATH

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 15 Apr 2021 16:07:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
video-loader.js
cdn.avantisvideo.com/avm/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i9Wy1fiAICJwzzbqWhnMuMEeESYpQpqF
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 11:55:25 GMT
Server
AmazonS3
x-amz-request-id
ETZ6PZESD6ACKYK9
ETag
"75d58198b4bd6637fe901ffbb58c64bf"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Thu, 15 Apr 2021 16:07:38 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
21168
x-amz-id-2
LHlwJJgPLZmp2Igx50vmAgmznPJ8i65yteKWQIO0fk/neaoXKV8p2TmjA7HhUpceN3n9unUuWwc=
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2424379593714327&correlator=795746644969959&output=ldjh&impl=fifs&eid=31060830&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210415&iu_parts=21704504769%2CTMT%2Cbillboard_top%2Csidebar_home%2Csidebar_top%2Cbillboard_bottom%2Cbillboard_bottom_2%2Cvideo-in-article-content&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C980x120%7C970x250%2C300x250%7C336x280%2C300x250%7C336x280%7C300x600%2C728x90%7C970x90%7C980x120%7C970x250%2C728x90%7C970x90%7C980x120%7C970x250%2C728x90%7C970x90%7C980x120%7C970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1618502858&dt=1618502858073&dlt=1618502857168&idt=883&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9%2C1158%2C-9%2C-9%2C-9&adys=12%2C-9%2C331%2C-9%2C-9%2C-9&adks=118446099%2C2416679599%2C236420964%2C1528615819%2C2558784702%2C3391782540&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90%7C0x-1%7C336x250%7C0x-1%7C0x-1%7C0x-1&msz=1600x90%7C0x-1%7C336x250%7C0x-1%7C0x-1%7C0x-1&ga_vid=2122645519.1618502858&ga_sid=1618502858&ga_hid=1753489618&ga_fc=false&fws=4%2C2%2C4%2C2%2C2%2C2&ohw=1600%2C0%2C336%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
77624c129e78ead8e8729c795ddf069248873e6436881e4ce54372c842b90b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32178
x-xss-protection
0
google-lineitem-id
5307164598,5307164598,5307164598,5307164598,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138304378621,138304378627,138304207033,138303854969,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-geo.s-onetag.com/ 		24 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:34:16 GMT
via
1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront), 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
age
12802
x-amzn-requestid
2e823267-a8f7-4939-bff3-484e3a01b4f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, TXL52-C1
x-amz-apigw-id
d0zfWHc8iYcFizw=
content-length
24
x-amz-cf-id
qm2aEEjSehyCbf7dP2ot6rbAsLfLDpafYAqmbH1mZKlfKZV4xAs42g==
/
onetag-geo.s-onetag.com/ 		24 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:34:16 GMT
via
1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront), 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
age
12802
x-amzn-requestid
2e823267-a8f7-4939-bff3-484e3a01b4f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, TXL52-C1
x-amz-apigw-id
d0zfWHc8iYcFizw=
content-length
24
x-amz-cf-id
HccLygjQP9YIWUnRjtxLoSoFyJkhGaaZLCZIeQ0-Ijj4NBcrI_cxWw==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
834 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-122.txl52.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 04:46:19 GMT
content-encoding
gzip
server
restify
age
40879
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
iY4KiNuE-YhkQ7yRZa-OcZ9ZSpH31eiPxiJKmL3ZEsWhlLx6NNAGpw==
via
1.1 a477b8537c9bc4c10a3c144386a7b5bf.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b54654d9006f14c2f336e72c56029a98c2eb6369c85a5aa0594d0b7c8dbc1a95

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Apr 2021 16:07:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 08:44:42 GMT
Server
AmazonS3
x-amz-request-id
VQ53XZ9KJM00FVKD
ETag
"ca87d2f970a804f0fe1b113f4fc2c8f2"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7204
x-amz-id-2
taMqkfJPpUV211bB0hnhlm1pki7Y4iWGldW84V8/HctFoKGSuMsZm3pePD+2hKITiAkRxSPLovo=
u_d.html
cdn1.avantisvideo.com/connect/ Frame A178 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.themoscowtimes.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

x-amz-id-2
Vz5k+r1Dj31bXhQ47DO2m43ISuw2JqztkyxpqWW4LYrtN254dLE6bpKVE8MJ77EZA7/b3DafJ9Y=
x-amz-request-id
F1ZEQXTZPYD467XZ
Last-Modified
Tue, 30 Mar 2021 10:01:49 GMT
ETag
"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 15 Apr 2021 16:07:38 GMT
Content-Length
15098
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
/
onetag-geo.s-onetag.com/ 		24 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-117.txl52.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:34:16 GMT
via
1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront), 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
age
12802
x-amzn-requestid
2e823267-a8f7-4939-bff3-484e3a01b4f5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, TXL52-C1
x-amz-apigw-id
d0zfWHc8iYcFizw=
content-length
24
x-amz-cf-id
yDUyfqMU2K_Kf_9SHIDu5CuX4yT85XSBiywlb1MXxGYVexngp0JHvw==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
35.166.225.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-225-195.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame A178 		121 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.225.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-225-195.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
592e6151235c518829bb5f95476ef30fd3371e65513dd5142665dea292beb1dc
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
121
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Thu, 15 Apr 2021 16:07:39 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarywHGBXw1Gle3BGpgX

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 15 Apr 2021 16:07:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
view
securepubads.g.doubleclick.net/pcs/ Frame B05F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYkI8k56CxfVzLQYUW3J7TXBwatHin3b0Pemz14syWWwuEbZFX7zlnUE-D_0lcxrUJv3nDLryRsuWmnA9fT41aKt3t-JYYIz1p-6zkERR56UqV8GWupX5ld_gboxyTv-Kg4-AZM3Ux81LHJwzKac44wTXm3js5F1Cp8eVr2gDZkkpviNsGJACwPtob62Q9XHa7oiAntLPQchtqrl7-QTkkaf_zF6C4PIX4x9PERExRHItXV3O2wl8crw_rJQxDk0hg9hN_bhfkCZq-I7lZYeZ_et5tX3_8q1DdmVIaXckhgtjd0dtLSMGbbruOKT7g0Q&sai=AMfl-YQ3-HYsUjKgbsvdaaY7HzsfcpvggTNHb9eBDCt-PZuwMPuXmx06cAd1DrU0GUhlqSSRKwH7E55079bO4dRbMxTso8S814rtOu6g7TBb8G8Gv0Dqb11eJF5OOh9zz5g&sig=Cg0ArKJSzONtVKcRq-VBEAE&urlfix=1&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 15 Apr 2021 16:07:38 GMT
t.js
likevertising.com/ Frame B05F 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
42a2dfdd25e18def68333ed214a93ad8d514eb9de89064ee93b368f8d082d943

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mn5qfsDjnZeBZ8MdQIBxnIjelmbGEoJL7Kkv2VUNctVWPX_4sppNrQ==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B05F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C27F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_lFjtFB9NWEXGMGh5eSyJOnWhOe4g6pbjGsQx1u6-tcQFC15Kb66-UQiulO-7xyYMr_UKpI-K1R2rKlKcXfyjlXlIwFxu_dW3rJUkZROGgfIjLFuRFgxuF8BrlLbJfaIQ6fWFLXufsYKJTA9PlbKB0iADkQVoju4Qb4jB2dvG0YU5tziIAQ4jRTub5dCMFwNClRb5hQu6fP3osJ5ycnCtngWIHAMKpSYNChDUaEFKWOy6iQwfMBewGKv2ZEAB3EMvaaFTXv7OdOipUx75seUNcqIUDL9RooBovYNqBdtabtOsp64kXn4XOiTYbQ6zfrFa&sai=AMfl-YQCvC5cVQsvgSBSMwh-f0DfiOOkTb4FlWuI7Vr_I285xtDLlBOlfyjHpjcossOmh1aqZs3J034pDiJivYB0E5fHRB-0sBn74dd3xL1D4fvgLe8VQT8MUVdl08j_Wms&sig=Cg0ArKJSzGwaT3b0oBOKEAE&urlfix=1&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 15 Apr 2021 16:07:38 GMT
t.js
likevertising.com/ Frame C27F 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9338eb6ad8a3545a6f38b86db25299e63ac8f1f9ba3f2ffa86d76d3f67abf76a

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DRLVOfU6jBKFlwl175tFVH79BISK6xevHMCZ7P1WaFKSnvUrP1QhFw==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C27F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7556de5c323364dea5dd5fe782dddeb9fe1686dcb25ea6b2f00abd60d7f7368b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6599
x-xss-protection
0
truncated
/ Frame B05F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3570ae88476bb431d9f71bac86729278a3acc6eecdb7563b620203c43b4f632

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C27F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d161230565c03be873118b031f8c71008ae636357dbf65c5bf2a0c95a0cf90

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 018F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 16:00:21 GMT
expires
Fri, 15 Apr 2022 16:00:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
437
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
pagead2.googlesyndication.com/bg/ Frame 018F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:08:00 GMT
server
sffe
age
7164
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5721
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:08:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9FAD 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
c8e578a150f241f400536783c6dae03df92f2f92776b8c87cbdef59144dcb0ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"843 / 345 of 1000 / last-modified: 1618497146"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21100
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
counter
likevertising.com/ Frame AF20 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ebb9ccd7e633b6add76b5839940681d91b486e8e37f8e9a4709f15904b768175

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
inVhIyTXL_OUlpM3q5W1vMX-nmZUJBB9SeWUAsUS5FCkDoauFHTDDg==
stat
likevertising.com/ Frame 0B5D 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/stat?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a5&cb=4673201618502858814
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
435fce0c565a910b4c89789482dbd05452bd867bf5a497a253b4d74f65cc8793

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/stat?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a5&cb=4673201618502858814
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
h6mA_0zhzsP1obcACSeCAfu5fUoo5_bqUAM7uvylY9PqjwwBVMxXvg==
stats
likevertising.com/ Frame 3024 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d9&cb=6046781618502858815
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
435fce0c565a910b4c89789482dbd05452bd867bf5a497a253b4d74f65cc8793

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d9&cb=6046781618502858815
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
CJv8iHmk8D06ti-Dt5d0VNYAkenHZ0gYi9cYAzVG-4ntYJ8-9i553A==
send
likevertising.com/ Frame 4BE8 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/send?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c277&cb=0823671618502858816
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
435fce0c565a910b4c89789482dbd05452bd867bf5a497a253b4d74f65cc8793

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/send?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c277&cb=0823671618502858816
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
2j7-1gUXByqv3Q-6rj3JibQhlVna5ZTe99tbyQVcSFbhvHersyl8Qg==
async_usersync
likevertising.com/ Frame 985E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
234d48220a4763b35e1ad644dba7c68f5119ce179153535f60a20297f3558caa

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
6wd6odj01I2xhlWNGk0UoP0iRwdXE64hSk5S-jKyW56kzZ2Xp3D-UA==
user
likevertising.com/ Frame DC6E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/user?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=3565061618502858819
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
faa29af882ddfc0fc714ab1287771fe2d94452b0ed1d6c5d8fc830312860f52e

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/user?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=3565061618502858819
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=3a41d341d57ec6e906ab90697cc6cf031a06ccfa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1875
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
25Rq_kjkwX-xbcUMbQgaMyXPO_iLHZNevYz4Y7WrMdDFmqIcG7mdzQ==
view
securepubads.g.doubleclick.net/pcs/ Frame C27F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX60kVDgLk2iHjFke8WXaSeqUq-SGaJqKfzkPVlf54PRNI5EYgpmQav6BGXLsYwSI2slVVvUZf7u7JtMe6T-g4ChVtUfcKK9m6GQncu3gepoN7f1guebbsrGjg9EnGSNUYgszbYOz_uZFTyhUoiPOUfKpRkei4WKXCLlryLqgUSeNyytvunYXoTJkMxJf8K1BCExbCA4p80V-ccJQ7wkCBhV_z-VYLaYpP4jrjqHF-fy-DfsjM54ieOVOMy4lPsd_khvdN2FvHODE8gpLf34xfgCGvGOeeprMKSqMT1AIq5G7YPUZI5hQiI9RBneISmxg8lHs&sai=AMfl-YRw8XgO1oRJyNq9PmDjRKXXRwRSb-C2zQ8KACoyBklKjWh9YJHynBuZEsPibIDaUFtFB8O7iyqLYtL4xQoba8FSX0O5ZHN11o-pSD2KhJAYapyzrNEZSX4gYzrtwq0&sig=Cg0ArKJSzA4i_Mnwv6sBEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 15 Apr 2021 16:07:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2BB2 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
7cbcd2ca3f23fb96debbd6ac83e3eb9a45bbe793d205b78c0c7d8b26ae8fc604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"843 / 192 of 1000 / last-modified: 1618497146"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21044
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
async_usersync
likevertising.com/ Frame A27A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3fd54b4388f4d46c57f1ea0452307f0b54841d4e3ca1320a0408da973765acdc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1677
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
0HhlVAZTVn8WmrQfpgDwYHaDaZ6pHMDxhLmF-lFz4bJNb8R6rkl-yw==
usersync
likevertising.com/ Frame 7E49 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d67&cb=9021261618502858840
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ae86cd94a73128274286ed932f05602f19ee7ad9d1af92d4a3b58f9774a9bfc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d67&cb=9021261618502858840
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Nfgs1DSYB7DPhSO8XuRFVcF9XFNjsNJy72mTiJqIBRn5r7YBMVvKjA==
sync
likevertising.com/ Frame CBD6 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768699&cb=9590361618502858841
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ae86cd94a73128274286ed932f05602f19ee7ad9d1af92d4a3b58f9774a9bfc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/sync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768699&cb=9590361618502858841
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nWRqcYn4rZmH2X5g8LtOvw4nYKzfIWQSLDzjFEwzKfbJhyly3zQDUQ==
usync
likevertising.com/ Frame 0FA8 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d471fca96620458724db33f0271e221a6117003d4ffb473a472046cff5eae2b8

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1632
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
N6f7ItT4PolUvoBPbpmnGmyAVrxpDHRQdDPtMCyhA6ix2hi8aHjKcg==
usync
likevertising.com/ Frame B093 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc3&cb=6273051618502858843
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ae86cd94a73128274286ed932f05602f19ee7ad9d1af92d4a3b58f9774a9bfc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/usync?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc3&cb=6273051618502858843
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
7RBtAbC4P2hBdWkUcCcr6FaDfix6G_6SqSfPvRWRTw9nSC5TQ48Isw==
send
likevertising.com/ Frame F628 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b7&cb=9326051618502858844
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7032bca089ded934885262dd86ef3b6381b6a039f00f7644b8699864e995374

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/send?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b7&cb=9326051618502858844
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=00c566c2bd360fa1717c583b11e113c4346fdf98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1874
date
Thu, 15 Apr 2021 16:07:38 GMT
x-cache
Miss from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
taZeXhaqklii9jhhNzeQiv0fp31Ucs5GsRaWyHhr9-N1SeR6V_tCVA==
view
securepubads.g.doubleclick.net/pcs/ Frame B05F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR6nQ9x6h4kDgZATa6xPUTjDdpaXFja2_tCLHdRo5bc6wGEGWGdz1a4OtrJ6zyUGZbhO14PYKT4i5L2A5MU8gbYHc9jdQpt9U5HCKUC3qcN10A83y8ozbbt5HkBbSR32t9uwxPVD3ElIIiRiaotuOdtXPWu40BaC7vELoUhoC1ZCGYgcUJD1BNVEthh0vIvsAywnqKyhBYyZHXebJfCIzVRBJc4Z5KlQG3D7srCOtUqdn1MSN6IFRHyxvSRZq7qNedEQGeVCEN2HQp9WOAEcsZ8qqFdR4a1OU6HBe43Figtm23SldEVKLQOs6yH-UVLXpq&sai=AMfl-YTSSFmLS-O9bB8EfkJsln6VSrIM2obZp7Jbirzw9yxhNe0cYHtGRdAoiip4HFteZy_BTtRb13xID74-lSBMejLXEXVTWQY02c7bYoBjj3gxF8xdikIds6ETqJKRcxg&sig=Cg0ArKJSzJcLotNAenz-EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 15 Apr 2021 16:07:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=2424379593714327&bg=!NDelN3PNAAb2K53n9is7ACkAdvg8WoR1oQjKcwjwWg0XnjDJu2UjBHQ9og5_8j_RwFmrZLhYRt4iDwIAAABaUgAAADRoAQcKAXek044BnIddSfgZ-A7A5n_q6Y9lOLd1wjLeFYURRR-ZSp_FAai_BQm8eCYjF0s1paIi6C2ZSgYeRh-lpArIHuAP_ZmRCfm3lma5chOIsPndHYs4kq87bWOulgCryzcA93Yk43xqdnzJL_ygFU-wvNlxAYOT5UinNpPVO1hXHuOIxoFEh0VaUuKhv20Yf1xhk4j3YaRDvuZUQjiyhQtLDOeFmTt5fCJvI1Vfppmc27gA7Zg_dQpw-WIpLJE660sxoAnxyjBihfgp3XUa3XbXcouZyDQ7-tKNokofog7XmQVDf2pzPLa_vG-OwO5EVPHgznf95FhhBxN7bGYPPsOCEBRQOoY8WHlN4nQrE0gB9mtAXbV2SXzCP-Za0YRHKiMfKY0Wa4FtwlV40RWxQdQQt8u784FiFHlnik4cg65Lw83pk9WDpzjX6Hb8HgmMrwF1_OVDcJpcuPQoo3GNTRFkn02RljcDutq-jt3BVeL56jIvP5ZFs1-rH2iZAeAoS25Gycfpy3_3nhZvwxaTvWjNOyL8SAElT4Z-IBNZS6RLn7rAC3r3jGuWP-NLtHGriZB5Tl53ip6t4Hqjo-cV8-7oURGkGJ49G2baklctZ_djHj8di2uUB5hyTQrJORvee_dOboNnZ5u3U8FdhuH0GIHkMmEsPt-lkHvH2HuV8go_9EIRDXIvdTqbISiEywJv7He4tYP5Yc-YgSTp2Kt0LKo3IWfCEnkARtfpmBYOd9Nyhsu-faEJPePEbnQi8r1ZUiHEzwP7QxuFcA0taPGvTXaVCd2qlj0p1FcKhzHlm7-YW24q1dd5kRG2gDOHQr6COuJ--8DlbQfb0GTiRqvTSM_mpEBDWrEuo7vF4u9dPPoE3Mn5lf3MJ3Ukin0CuOgGavwMu3xggAHYltaGBJn-6KF0UdaCLeGHDkO0ey5cpb3m3ljQjFd_6nkDumtaCWWD5hHWYl46YOIK7ekXf2P84ej_MUY1uGBdFc7ljOPJlsKNVvu6waOgBMnfa4eskZHJSNLzLmzkPL9NhzWoU3kGcxNKnJgKuCP_ZTHk4kpz7jgLUGETV75ATSPDmFxtPGXYgtZa2XXYcs-CHnWrx8MG3919KHvJ4tKm2Sf9hK50Ju5YcXESCKFozLnClu5D6p4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021041401.js
securepubads.g.doubleclick.net/gpt/ Frame 9FAD 		298 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 08:43:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107268
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame AF20 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=689163&width=300&height=250
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pubads_impl_2021041201.js
securepubads.g.doubleclick.net/gpt/ Frame 2BB2 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106031
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:38 GMT
pxl.jpg
likevertising.com/ Frame C27F 		597 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://likevertising.com/pxl.jpg?i=ozq8lklz3e1znpqig3c&s=519&p=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&rstk=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&h=6321241618502858927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-length
597
x-amz-cf-id
3iEB-HSXsWg3CXnZHswMK9vHCeC_PyV6WZFwDYbYvyS7NPHq0uwnIQ==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
prebid_v4_21.js
hb.adpone.com/ Frame 0B5D 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a5&cb=4673201618502858814
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3733
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=03icY3%2BfWuGGliztdTLuO2vWp%2FQBKDdXwrhoFyh7zL2LRqJCBgp%2F0C6zug%2BVW8rdBTKmNuGEHQGghL7gqV2vudCZvWplhjdWhUQDDEp3JkPNhvtFoVjAjmjq"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0c80000c272a0153000000001
cf-ray
64066d947f27c272-FRA
expires
Thu, 15 Apr 2021 20:07:38 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 4BE8 		302 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c277&cb=0823671618502858816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3733
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EUMkKheQb04%2FETdA3ytrNWaNkHLIWDU9xpXj9sClP60pZ19DfGzPJByTEv7cqylMd%2F2qNIOg7dsQT6pxxHZiARWvACvMRf%2F%2Fnz9vCCDoCs1RUMdnPq8D4jAa"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0c80000c2724880f000000001
cf-ray
64066d947f29c272-FRA
expires
Thu, 15 Apr 2021 20:07:38 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 3024 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d9&cb=6046781618502858815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3733
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cUwdCqrnPuyDKtx2bkc8EzZyi7XQBWkY%2FyHMsS6PHoMIlKsdkiqVCiWbDP%2F5pdMWQZEKZEk51cME53YnkonVaBFs0cPqAM0j1PnnQVnKbZHS5sIN2vPpjAuT"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0c90000c2721e10f000000001
cf-ray
64066d947f2ac272-FRA
expires
Thu, 15 Apr 2021 20:07:38 GMT
/
ads.projectagoraservices.com/ Frame 985E 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:78e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d5e8667edc2c8b5f448fdd68f3305b070e34b7ef53bd3c2ae60c5c0d4d6985b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
6324
expires
Thu, 15 Apr 2021 16:07:39 GMT
pxl.jpg
likevertising.com/ Frame B05F 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://likevertising.com/pxl.jpg?i=b2q9ssvr0rctu7elxrne&s=519&p=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&rstk=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&h=4767171618502858954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-length
597
x-amz-cf-id
Q1RxTVdoJSJ6_GzVW0Fw3NmD2HCOB7WA6JuJgiqkrITtlHPdL1VlTQ==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
async.js
cdn.adtrue.com/rtb/ Frame DC6E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/user?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=3565061618502858819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
13012276
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d949d1f0609-FRA
cf-request-id
0977e2d0e300000609103eb000000001
expires
Thu, 11 Nov 2021 01:36:22 GMT
prebid_v4_21.js
hb.adpone.com/ Frame CBD6 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768699&cb=9590361618502858841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3723
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=POPOVQCi8PJmKffBEBlQRRj9v2XSaDcpnL6dM8ShAmVcPfpeeeVE8H8km7pzGT%2Fy8k910VGkAGDj7xXL4PbaGFU9eaI9GN2WKetAi%2FnMpIfMiX3fjlhPiWNG"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0d90000c272593e2000000001
cf-ray
64066d948f4dc272-FRA
expires
Thu, 15 Apr 2021 20:07:38 GMT
/
ads.projectagoraservices.com/ Frame A27A 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:78e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
feea4902784ecb3c8c5e08477106ca21ec77628933e61f6f69456f97d20e4d73

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3703
expires
Thu, 15 Apr 2021 16:07:39 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 0FA8 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
prebid_v4_21.js
hb.adpone.com/ Frame B093 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc3&cb=6273051618502858843
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3723
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=77QLFy2th7Ucn7Kwn6CfDYBS5mNGFvtPSur%2Bo1ZojUKMpwoyREnCHH8T41W9BwI%2Bi5PK9lfDyVOHPKZQl24wpQLauf0atc8VXCPMgBQ1U2jUnQKjUiZdjfB5"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0ee0000c272903d0000000001
cf-ray
64066d94af7fc272-FRA
expires
Thu, 15 Apr 2021 20:07:38 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 7E49 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d67&cb=9021261618502858840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3724
content-type
application/javascript
x-amz-request-id
9Y8FFSFYNCFVKG4W
x-amz-id-2
ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WukFDCIGtM0Wo56G4nl%2BlA9JJSW0T7prcAM0j951Ohpd3j9SGGQ3jvWRqBNlnGgdWXN1zya1cEU1O040Gf8p4cwo463LjK5RNswQUB0yNwR0UASny2atQIVq"}],"max_age":604800}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
public, max-age=14400
cf-request-id
0977e2d0fa0000c272a79aa000000001
cf-ray
64066d94cfa4c272-FRA
expires
Thu, 15 Apr 2021 20:07:39 GMT
async.js
cdn.adtrue.com/rtb/ Frame F628 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b7&cb=9326051618502858844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
13012277
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d94ddaf0609-FRA
cf-request-id
0977e2d1050000060939978000000001
expires
Thu, 11 Nov 2021 01:36:22 GMT
integrator.js
adservice.google.pl/adsid/ Frame 9FAD 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:807::2002 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9FAD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9FAD 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2383873915121824&correlator=658901103326009&output=ldjh&impl=fifs&eid=31060520%2C31060783%2C31060823%2C31060398%2C31060830&vrg=2021041401&ptt=17&sc=1&sfv=1-0-38&ecs=20210415&iu_parts=21671350435%2C300x250-themoscowtimes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D307f28d8c677a126-22d349b71fbb00b1%3AT%3D1618502858%3AS%3DALNI_May4MqeGPyI4V69rdeSOMSkMyVPaQ&cdm=www.themoscowtimes.com&bc=31&abxe=1&lmt=1618502859&dt=1618502859109&dlt=1618502858809&idt=278&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1158&adys=491&adks=2351213819&ucis=hju15a1mu285&ifi=1&ifk=2301147525&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&top=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=2122645519.1618502858&ga_sid=1618502859&ga_hid=1868999771&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a86a8a62510fc21f54b9969285bc064698b8d5339d7265492995dd7faca45d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10876
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FAD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FAD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame A27A 		363 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3315
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6D986B55663EEBF3
x-amz-id-2
ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified
Mon, 25 Jan 2021 09:50:58 GMT
server
cloudflare
etag
W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=prU9cSsK8v9ZDWq3G290z4Qjvagn%2BmOAfR2v4MTVWrYnQnuj%2ByeAiJVSbpL9N9bCpZ7RemVMX%2BWzzrIXwaCFUJOzceg%2B7Xh7t788g8AfkTgdX1PJAnc8O8J0gf7c"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0977e2d186000007420bbef000000001
cf-ray
64066d95af1f0742-FRA
impress
exchange.adtrue.com/delivery/ Frame 6466 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=556710260&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.176.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-176-195.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
226215b1b2658cf385937e2935524a1a926c0f8ca7ff6ce21b09ef7f3de61f20

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
server
nginx
x-adtrue-instance
java2
content-length
3900
content-type
application/javascript
impress
exchange.adtrue.com/delivery/ Frame 076B 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3923687808&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.176.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-176-195.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
19d369fff4dc6ddd8e43c287f018fbf87cd4ae2f987080df89dea5967f2838f6

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
server
nginx
x-adtrue-instance
java1
content-length
3897
content-type
application/javascript
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame 985E 		363 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3315
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6D986B55663EEBF3
x-amz-id-2
ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk=
last-modified
Mon, 25 Jan 2021 09:50:58 GMT
server
cloudflare
etag
W/"6d6061f12d5d98b0f63e4b52058a31b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sV8JX5nvGb1BoSLof7jVc9NvhfJOdkh7aITanNg2VXjIfd5vAx%2BN%2FyFlVxP0BmcarIHiDwj6eMkMIVKNR%2B27fo3qSPiQ9e23M%2FtkLas9EjT7fCN4dJhzS1d9nPmm"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0977e2d187000007421e196000000001
cf-ray
64066d95af260742-FRA
integrator.js
adservice.google.pl/adsid/ Frame 2BB2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:807::2002 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2BB2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2BB2 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=793163262419640&correlator=460925675197239&output=ldjh&impl=fifs&eid=31060784%2C31060806%2C21068031%2C31060830&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210415&iu_parts=21671350435%2C970x90-themoscowtimes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie=ID%3D307f28d8c677a126-22d349b71fbb00b1%3AT%3D1618502858%3AS%3DALNI_May4MqeGPyI4V69rdeSOMSkMyVPaQ&cdm=www.themoscowtimes.com&bc=31&abxe=1&lmt=1618502859&dt=1618502859177&dlt=1618502858836&idt=327&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=3&adxs=315&adys=12&adks=3938885534&ucis=js458rnssnto&ifi=1&ifk=4201021414&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&top=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x-1&ga_vid=2122645519.1618502858&ga_sid=1618502859&ga_hid=408389527&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9fe24a2397a0d32da09b39ce206a71135e1ad681272cf1955f7711565ff7f419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10696
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BB2 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BB2 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ap.lijit.com/ Frame AF20 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=689163&width=300&height=250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 16 Apr 2021 16:07:39 GMT
sync
ap.lijit.com/ Frame 0FA8 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 16 Apr 2021 16:07:39 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A27A 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=298380&zone_id=1600890&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fwww.themoscowtimes.com%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=44fe28ef-a036-4500-bedd-a08abbb6c85a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2772357544108357
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e594c12dd290f3f33452c1709c242b6d4fed04ba028e5a47d0856a766ebd9be8

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame A27A 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A27A 		138 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
63cf17777eabe94ea1dacaf9cd2edd1e562f2ea752aa9360b522b1db128e41f4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.216:80
AN-X-Request-Uuid
e48d5a92-21c2-4867-9d7b-9945cf36a2ab
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame A27A 		0
0
translator
hbopenbid.pubmatic.com/ Frame 985E 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 985E 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=298380&zone_id=1600878&size_id=15&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fwww.themoscowtimes.com%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=0f9d1886-5f6a-4c85-ad38-d89f7d52f5dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4001387274421673
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a644390d96126d131ad2d9daa1a7953f5d3faf53e0b24a0d9e918b84703b1a18

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 985E 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 985E 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d4bbadb02b3e9b2acfbb98b995dd69ae411019815c85d5ae1b06efffc9721e4c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.236:80
AN-X-Request-Uuid
badd022c-ca3b-4d01-b69e-6529495c0736
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adcfg
ap.lijit.com/ Frame AF20 		159 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=689163&tid=3086ea879791411c9ccba4c4da0e890addcbbe98&mode=1&dmn=www.themoscowtimes.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
d72383943dcb17a866117a8a638e54e5c88cdf6527212d662b255686d1f507a0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
adcfg
ap.lijit.com/ Frame 0FA8 		158 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=689161&tid=85269bea2c0140918b6fcb5172ab59b0275693d7&mode=1&dmn=www.themoscowtimes.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b9984e4598bd8474271eb63089a18a228385230df78d0943789cbf30067bccf

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
addelivery
ap.lijit.com/ Frame AF20 		261 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=689163&tid=a_689163_260ae7dc0f9144b69abd297e3229e2f6&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.themoscowtimes.com&time=16%3A07%3A39&fd=1&be=sf&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.themoscowtimes.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_689163_260ae7dc0f9144b69abd297e3229e2f6
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e34610f5a0a557d77aa519657a091b85d3331bce138acfec741202f1a9a4859

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
211
addelivery
ap.lijit.com/ Frame 0FA8 		261 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=689161&tid=a_689161_e005a1a182d940999f4f5232d41b0fbb&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.themoscowtimes.com&time=16%3A07%3A39&fd=1&be=sf&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.themoscowtimes.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_689163_260ae7dc0f9144b69abd297e3229e2f6
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
afd1c1f9d92ef486428f1ee5c447cde0899638d5592faf1db8f4297fbc60bd1f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
210
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cd88e10d158ea10eacf7ed3099428e31b980b61386aac3ea56e0fe915691a459

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KHwZoXYPPkXWSr2b3Jt5lWsj2o2TRU.8
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 08:49:59 GMT
Server
AmazonS3
x-amz-request-id
Q3DJDMA9XR9V5NHK
ETag
"dffab234d612bdf6445fa319730969d8"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Thu, 15 Apr 2021 16:07:39 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
37262
x-amz-id-2
lliAR36ZvWkWBmZ58PRf/Laxy0pBZImCUvSpeBzuYS1RiZQeo91Jvl2yX7SZOsFbrZE+mg4ZeRw=
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 0B13 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0B13 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0B13 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0B13 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0B13 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
truncated
/ Frame 0B13 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f886d768ffdd37ab70cdba442ba7564cde648fd5dbe337c424bc0668800da64

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1427872137911643474
tpc.googlesyndication.com/simgad/ Frame 0B13 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1427872137911643474?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmrz9PTeoVm1WfKbSwJZYeGiV9VqQ
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6699654f54ef8aac4a5cb821dc21fd2bc3fd5266abf7373859d0c3b4235253ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 06:52:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:01:50 GMT
server
sffe
age
33310
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32181
x-xss-protection
0
expires
Fri, 15 Apr 2022 06:52:29 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B13 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
27882
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B13 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
60168
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
l
www.google.com/ads/measurement/ Frame 0B13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_E5WK1idXOB-JJ1e1AVBLmjfagK-eKVVGAjpRhsDHraVE-lQKfI7hPm7GiwIRXZG2Ez3ciLn3MjjuEP_6SDvXGVzyrA
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0B13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8dGAy2R4YNP2Cd2T7_UPpvaE-AftqbiIYrPYxsjPDdrZHhABINbmxVhg6eTJhdgaoAGcn6_3AsgBAqkCpRgRCfqkkT7gAgCoAwHIAwiqBN0CT9DgFQp3tR8W5yVc0rFIksP5X5tlhEYHXzudJX9XxuYQs4-xcyXwBAY0_Iy5TmbWaXqjYLFnTMEeZlgdPmuml64vv702U5D9QqzZnZELGAP18uw_lSTKoL7DcO-4SJTrJTMaUdkdmEikhXmQlAyQAe2Uh3bNVymlXVijUFARr1GgoBgFA8ApMVnVLkaN4ls6bTF3FcgKU0hR8V-yrCpMqfhIaIWXf7_oixdBAuuof4YMSIux6Qp-D7kcbI_VLgvGQjLXcneeG9oeIisDbMcdpAtOW-s2F9Cl2WsbrtMmhXNFRHr_QN3tnGv-u2lXxGfMIm3uwjqOxDVZZPxQ6eVHvILbPkfoLR5CNEBddrYyGAbmxzi86DFORELvLjEsaY5mIesj0CoDgqeUbjKse-FGyi8hQY0kbvROQbeTCw93r0XlMm3QVYOqNkBmJxip4sVTL3cxVd_y4HJyYM1ZR8AE0-bc-dMD4AQBkgUECAQYAZIFBAgFGASgBgKAB8zg0IgBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELLMBtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODc2NDg4MzUzNDM2Njg4N4AKA8gLAdgTDbIXGgoYCAASFHB1Yi0yMTI4NzU3MTY3ODEyNjYz&sigh=nRLrSLe7izU
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9FAD 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e43e061c6100d6a01b6ffbd122023100cce78ac39cce419887df22e209ce3807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6572
x-xss-protection
0
Cookie set beacon
gslbeacon.lijit.com/ Frame 6160 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
634dd91458544691251bae12100517f9ed0792d901be6d537b1da0ad8703c0f0

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=6e6204e5ca60dc41f216a9e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxd0DsSwCAIBNC7WKcA5JurZXL3RMeGLZ8DK%2FAMHjc7p2WJ1TXctytYdFk6Z2dwNxMY2uOkM4UvV1X0iv8lIQMmSvgjYaZUsIFxQ%2ByHicTPhdRpO%2FoOE%2FIU8rS6Deqt7ft%2BVy9PUA%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 15-Apr-2022 16:07:39 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 15-Apr-2022 16:07:39 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=6e6204e5ca60dc41f216a9e2;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ams1
containertag
ap.lijit.com/ Frame AF20 		60 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=689163&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
dadc9f0a4dca0fa168d74b72947308f9c1d2986bcb16626d68fb8fbe83969fcc

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap6ams1.lijit.com/addelivery/ Frame AF20 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap6ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=689163&tid=a_689163_260ae7dc0f9144b69abd297e3229e2f6
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
generate
avm.avantisvideo.com/api/v1/tag/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&eu=true&country=PL&hour=18
Protocol
H2
Server
35.166.225.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-225-195.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.themoscowtimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:40 GMT
content-length
2
content-type
text/plain
generate
avm.avantisvideo.com/api/v1/tag/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&eu=true&country=PL&hour=18
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.225.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-225-195.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4f5ebf864c44278b720f67481dee547d7d65f1f63906ad836c3157b6d3d09fc0
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
1225
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Thu, 15 Apr 2021 16:07:39 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9FAD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:39 GMT
containertag
ap.lijit.com/ Frame 0FA8 		60 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=689161&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
6a44adae82a577111a4db7ae22090f499a0db93fea35186ad6bfbedafc8e4465

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap6ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap6ams1.lijit.com/addelivery/ Frame 0FA8 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap6ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=689161&tid=a_689161_e005a1a182d940999f4f5232d41b0fbb
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame E49F 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E49F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E49F 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E49F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E49F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
108860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E49F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
27882
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E49F 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
60168
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
truncated
/ Frame E49F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8131304acd451d215aca437deaf4c49f2eba153c7ee2f8f1ae264259d573e225

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
11629513734060213793
tpc.googlesyndication.com/simgad/ Frame E49F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11629513734060213793?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmpMRM1oEljTZPpvaaMX-CJE8K3Yw
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5af48986a5dc10670cc6f4c69c96555b0c28515cb6d52f9e8ee5a4ecfad2674d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 06:22:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:01:50 GMT
server
sffe
age
35127
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32114
x-xss-protection
0
expires
Fri, 15 Apr 2022 06:22:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E49F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDzz-y2R4YLijDrXU7_UPzp6jkAntqbiIYvPaxsjPDdrZHhABINbmxVhg6eTJhdgaoAGcn6_3AsgBAqkCvt-lMD-ikT7gAgCoAwHIAwiqBNkCT9BcgTDx7rBMYUL4Q9cXWW_wvS_WACD_idsIeyLWmgbhF3fgBOy_XURWJ_aDbYYVcRu4Ns-DexF7R7IsuuL0dObRqGpBOs2D1Uq533QYpkZTJHS1_n8fFBS0Vsiu2QF7yMtviTjAvYefPlfWxtKSMbxoBJgq7nTBW8yxOe6oNbyDIuesh5jDuyuvfPBwMdMLwoj4Hu5Tm3Mo_jxZptpKs4lRGoR7Q4g81gpWJYb-XGydMFBEw0rkKvwhZbVqNlGvprkMKMQuexghz5GZpkyiaiz1-xSWILNHizWAFUhINPaZmSPHcGRnydz5SSU7YItBj0U43gkgRBmQ09d4QP9G_EQeoyK2I0tH2bfNxlLV6b3l_4rAL1u8w2HwdMhnarSGeQN172tg5fun3oUhsNmY2ifiIC39rrybq9f7w_AWiIYw4xweBTr_YjSmZ9Oe-DOeDRk9NKQJSuaswATT5tz50wPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzODQiAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0JIB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04NzY0ODgzNTM0MzY2ODg3gAoDyAsB2BMNshcaChgIABIUcHViLTIxMjg3NTcxNjc4MTI2NjM&sigh=5OFue_Va9U8
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2BB2 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaefa0119ba97e24147815602c2fa989f60bd3a861fa70c5309f3e842a5e35c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6574
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B13
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Apr 2021 16:07:39 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2BB2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4953 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 16:00:21 GMT
expires
Fri, 15 Apr 2022 16:00:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
438
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t.dhj
pxdrop.lijit.com/1/d/ Frame AF20 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=likevertising.com&GDPR_v2=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Thu, 15 Apr 2021 16:07:39 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame AF20
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Thu, 15 Apr 2021 16:07:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
alt-svc
clear
content-length
0
pixel
ps.eyeota.net/ Frame AF20 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
merge
ce.lijit.com/ Frame AF20
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=6e6204e5ca60dc41f216a9e2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=6e6204e5ca60dc41f216a9e2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.0.82
content-length
0
expires
0
ct
ap.lijit.com/data/ Frame AF20 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_689163_260ae7dc0f9144b69abd297e3229e2f6&zoneid=689163&cid=18&geo=PL&all_tags=185%2C203%2C205%2C234%2C248%2C383%2C388%2C429%2C458%2C462%2C465%2C490%2C501%2C503%2C512%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C576%2C578%2C580%2C582%2C584%2C586%2C589%2C590&tss=133%2C133%2C134%2C137&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=137
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=3377021618502858813
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx
X-Sovrn-Pod
ad_ap6ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame E49F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Apr 2021 16:07:39 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0B9D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 16:00:21 GMT
expires
Fri, 15 Apr 2022 16:00:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
438
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
ps.eyeota.net/ Frame 0FA8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
t.dhj
pxdrop.lijit.com/1/d/ Frame 0FA8 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=likevertising.com&GDPR_v2=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Thu, 15 Apr 2021 16:07:39 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 0FA8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent=
95 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent=
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Thu, 15 Apr 2021 16:07:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=0816e6ee7dd826d672704c5d&gdpr=1&gdpr_consent=
alt-svc
clear
content-length
0
merge
ce.lijit.com/ Frame 0FA8
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=0816e6ee7dd826d672704c5d/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=0816e6ee7dd826d672704c5d/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.4.110
content-length
0
expires
0
ct
ap.lijit.com/data/ Frame 0FA8 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_689161_e005a1a182d940999f4f5232d41b0fbb&zoneid=689161&cid=18&geo=PL&all_tags=185%2C203%2C205%2C234%2C248%2C383%2C388%2C429%2C458%2C462%2C465%2C490%2C501%2C503%2C512%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C576%2C578%2C580%2C582%2C584%2C586%2C589%2C590&tss=127%2C127%2C128%2C129&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=130
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=8355001618502858842
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx
X-Sovrn-Pod
ad_ap6ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
pagead2.googlesyndication.com/bg/ Frame 4953 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:08:00 GMT
server
sffe
age
7165
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5721
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:08:14 GMT
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AABxQk7A8MoAACj4VVqJTg&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AABxQk7A8MoAACj4VVqJTg&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AABxQk7A8MoAACj4VVqJTg&gdpr=1
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=6e6204e5ca60dc41f216a9e2&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 16:07:42 GMT
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=875739025954424340
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=875739025954424340
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=875739025954424340
Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6160
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Apr 2021 16:07:39 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
tum
ums.acuityplatform.com/ Frame 6160 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6160 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd
Date
Thu, 15 Apr 2021 16:07:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
reporting
ap.lijit.com/dsp/google/ Frame 6160
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NmU2MjA0ZTVjYTYwZGM0MWYyMTZhOWUy
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 6160 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame 6160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
data.adsrvr.org/track/cmf/ Frame 6160 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6160 		0
0
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=6e6204e5ca60dc41f216a9e2&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:42902b43772eb9b7f74fef86f8df35c0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:42902b43772eb9b7f74fef86f8df35c0
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 15 Apr 2021 16:07:40 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:42902b43772eb9b7f74fef86f8df35c0
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-19-110.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=jzYATyA5oAbovpgI047v&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=jzYATyA5oAbovpgI047v&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=jzYATyA5oAbovpgI047v&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT, Thu, 15 Apr 2021 16:07:40 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame 6160
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1618502859718&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 14 Apr 2021 16:07:40 GMT
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=o7fpAEjiu3X6&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=o7fpAEjiu3X6&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=o7fpAEjiu3X6&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-qd6vz
expires
-1
iu3
aax-eu.amazon-adsystem.com/s/ Frame 6160
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 6160
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=gQTOP4EAmmSaBs00j1LUP4ENzmSaAswxg1CEfmnH
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=gQTOP4EAmmSaBs00j1LUP4ENzmSaAswxg1CEfmnH
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=gQTOP4EAmmSaBs00j1LUP4ENzmSaAswxg1CEfmnH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6B0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66415
Expires
Fri, 16 Apr 2021 10:34:34 GMT
Date
Thu, 15 Apr 2021 16:07:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
0608867b
rtb.gumgum.com/usync/ Frame EF3B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58314e3fda02e5543d16c3f5301a5b24267c27a8dc80e1130b7f2f367e217527

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_4b3de8f1-b43a-4547-ab27-2a8351227b97; Domain=.gumgum.com; Expires=Fri, 15-Apr-2022 16:07:39 GMT; Path=/; Secure; SameSite=None
etag
W/"04a34a2e8c0d9a862565b2222deca6b38"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBD6 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66415
Expires
Fri, 16 Apr 2021 10:34:34 GMT
Date
Thu, 15 Apr 2021 16:07:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame B3C2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4f4e876999364c8ee0d92070fa9fd53487079f9b05852cb7f0083f9759c61185

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9e7099d1-3eae-0ffb-0558-3605717d8012|1618502859
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=9e7099d1-3eae-0ffb-0558-3605717d8012|1618502859; Version=1; Expires=Fri, 15-Apr-2022 16:07:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618502859|gekin0vNiygu; Version=1; Expires=Fri, 30-Apr-2021 16:07:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 15 Apr 2021 16:07:39 GMT
content-type
text/html
content-length
476
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=9e7099d1-3eae-0ffb-0558-3605717d8012|1618502859; Version=1; Expires=Fri, 15-Apr-2022 16:07:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Thu, 15 Apr 2021 16:07:39 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set merge
ce.lijit.com/ Frame 9C39
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=7717423280491194807&gdpr=1&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=7717423280491194807&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689163_260ae7dc0f9144b69abd297e3229e2f6&rand=8001&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ctag=512:1618589259|515:1621094859|388:1621094859|580:1618589259|582:1618589259|520:1621094859|584:1618589259|234:1619712459|586:1618589259|203:1619712459|205:1618589259|589:1621094859|462:1618589259|561:1621094859|563:1621094859|565:1618589259|185:1618589259|541:1619712459; ljtrtbexp=eJxd0DsSwCAIBNC7WKcA5JurZXL3RMeGLZ8DK%2FAMHjc7p2WJ1TXctytYdFk6Z2dwNxMY2uOkM4UvV1X0iv8lIQMmSvgjYaZUsIFxQ%2ByHicTPhdRpO%2FoOE%2FIU8rS6Deqt7ft%2BVy9PUA%3D%3D; ljt_reader=6e6204e5ca60dc41f216a9e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:40 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_1=7717423280491194807;Path=/;Domain=.lijit.com;Expires=Fri, 15-Apr-2022 16:07:40 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 15-Apr-2022 16:07:40 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1618589259|515:1621094859|388:1621094859|580:1618589259|582:1618589259|520:1621094859|584:1618589259|234:1619712459|586:1618589259|203:1619712459|205:1618589259|589:1621094859|462:1618589259|561:1621094859|563:1621094859|565:1618589259|185:1618589259|541:1619712459;Path=/;Domain=.lijit.com;Expires=Sat, 15-May-2021 16:07:40 GMT;Max-Age=2592000;Secure;SameSite=None ljtrtbexp=eJxd0DsSwCAIBNC7WKcA5JurZXL3RMeGLZ8DK%2FAMHjc7p2WJ1TXctytYdFk6Z2dwNxMY2uOkM4UvV1X0iv8lIQMmSvgjYaZUsIFxQ%2ByHicTPhdRpO%2FoOE%2FIU8rS6Deqt7ft%2BVy9PUA%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 15-Apr-2022 16:07:40 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=6e6204e5ca60dc41f216a9e2;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=7717423280491194807; Domain=.turn.com; Expires=Tue, 12-Oct-2021 16:07:39 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=7717423280491194807&gdpr=1&gdpr_consent=
content-length
0
date
Thu, 15 Apr 2021 16:07:39 GMT
Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
pagead2.googlesyndication.com/bg/ Frame 0B9D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:08:00 GMT
server
sffe
age
7165
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5721
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:08:14 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 076B 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3923687808&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
5039974
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9a2ba50609-FRA
cf-request-id
0977e2d4550000060973b32000000001
expires
Fri, 11 Feb 2022 08:08:05 GMT
ga.js
cdn-adtrue.com/track/ Frame 076B 		502 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3923687808&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6e08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1141455
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0977e2d46d00004ab081b32000000001
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5C4YcXJz57zPhjpbiRwZOxy1DObzkEQF6NUH8IRjj3fiKUxQi67yahQI7PWtVmDUaaiDKRMQEz9TCnjH6S9Pdb5VIN6bgZT683UaRg76P1fmn2W2waCBsveQUQ%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9a4c304ab0-FRA
expires
Mon, 28 Mar 2022 11:03:24 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 6466 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=556710260&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
5039974
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9a2bad0609-FRA
cf-request-id
0977e2d457000006096439d000000001
expires
Fri, 11 Feb 2022 08:08:05 GMT
ga.js
cdn-adtrue.com/track/ Frame 6466 		502 B
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=556710260&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6e08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1141455
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0977e2d46d00004ab07690a000000001
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WW%2FakkJ0hQUlEbEDS00CsL5Ee7o6a9%2BBmPzcWzTtapAJm1oiLZYsb4AORNkuQ42SXVN8vpCx8lQmfcoLinuCI%2BqPK01Qs8meaMPBEX8hJwFTlRf2E16KFcUnvw%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9a4c344ab0-FRA
expires
Mon, 28 Mar 2022 11:03:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B05F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssnDRgngP7x59TCmwxrxCkSfEnwFMwM4fY_uSnTRQlqbImbuK-G79wjmYA3kYl-r2Po6AtoIicyj1RwhHqRDfk_Hbxmu7Mj6buNEo3Tc0&sig=Cg0ArKJSzCrkhl_31e-BEAE&id=lidar2&mcvt=1019&p=12,315,102,1285&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20210414&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=118446099&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1618502858557&dlt=0&rpt=160&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 6466 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04f0ae81b59effb69993db3673a80a0b15d9f919f3df2a630b36dd81460721a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32712
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 15:31:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Apr 2021 16:07:39 GMT
gtm.js
www.googletagmanager.com/ Frame 076B 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04f0ae81b59effb69993db3673a80a0b15d9f919f3df2a630b36dd81460721a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32712
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 15:31:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Apr 2021 16:07:39 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 076B 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a5e865414004d708dead6c9b2a68312cec3df1151c9e2344f4854b075ae10242
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:39 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.217:80
AN-X-Request-Uuid
52732491-de5d-410d-8d28-73b567c0ac43
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 076B 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 076B 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=37120487237
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:39 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 6466 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6466 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6ef661a7a13e747575b380cc11d6ba532098d100611e3aa7cf1cdef8535a33a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
AN-X-Request-Uuid
e56ef443-f5ec-4904-9a99-90a056d1f5f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 6466 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=9375474858
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 15 Apr 2021 16:07:39 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b6::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
x-guploader-uploadid
ABg5-UzMeZiaULkAP0ByFeru75vBZJfCK1Y_xfdG1Gt5E2NZa0MY2I1bGGneJX90JPcb5-8yHsc5DIZew2ZqUvEMF9f66i83Nw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 15 Apr 2021 16:37:40 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E0D2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62024
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ Frame 6466 		124 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38ca5bb466ab20bdcc8e3c25703c5a703f65708d6b122ad591da50a987a416c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48565
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:40 GMT
analytics.js
www.google-analytics.com/ Frame 6466 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4466
date
Thu, 15 Apr 2021 14:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 15 Apr 2021 16:53:14 GMT
js
www.googletagmanager.com/gtag/ Frame 076B 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e99d74099ae4fae91197bab22db6eed8d45ff5943038978d542a3649c5a6457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50406
x-xss-protection
0
expires
Thu, 15 Apr 2021 16:07:40 GMT
analytics.js
www.google-analytics.com/ Frame 076B 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4466
date
Thu, 15 Apr 2021 14:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 15 Apr 2021 16:53:14 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 50F4 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62024
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4462823264694872990
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4462823264694872990
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:41 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid
fbd6ae55-e06f-4066-8539-5372c9a18315
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4462823264694872990
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame EF3B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
syncUser
sync.outbrain.com/ Frame EF3B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&obuid=ENC(Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn)
0
0
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=bae102f8-bf3c-085a-38f5-ee00dd0ab2a9
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=bae102f8-bf3c-085a-38f5-ee00dd0ab2a9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=bae102f8-bf3c-085a-38f5-ee00dd0ab2a9
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame EF3B 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.15.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:40 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-9uM5dMRE2pfVURt030aMHvd7.CSqsum_o9X_~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-9uM5dMRE2pfVURt030aMHvd7.CSqsum_o9X_~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 15 Apr 2021 16:07:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-9uM5dMRE2pfVURt030aMHvd7.CSqsum_o9X_~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=b60ec0fe-9e04-11eb-bff9-b9567abcfdd5
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=b60ec0fe-9e04-11eb-bff9-b9567abcfdd5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=b60ec0fe-9e04-11eb-bff9-b9567abcfdd5
Date
Thu, 15 Apr 2021 16:07:42 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b60ec0ff-9e04-11eb-bff9-b9567abcfdd5
services
sync.technoratimedia.com/ Frame EF3B 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
972390693
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame EF3B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=dc697243-71bb-4721-ba85-e57153494f64
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=dc697243-71bb-4721-ba85-e57153494f64
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=dc697243-71bb-4721-ba85-e57153494f64
date
Thu, 15 Apr 2021 16:07:43 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6195468802
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6195468802
  • https://sync.1rx.io/usersync/tradedesk/a6429d93-482e-44a2-98c9-d29478d6992a
  • https://sync.targeting.unrulymedia.com/csync/RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
Tengine
ETag
RXf7a6ffafc6b745eebe3a978378c8f112003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f7a6ffaf-c6b7-45ee-be3a-978378c8f112-003
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame EF3B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=pruvEd00HhIT&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=pruvEd00HhIT&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=pruvEd00HhIT&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-mtfsm
expires
-1
merge
ce.lijit.com/ Frame EF3B 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame F61A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x29
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=1&gdpr_consent=
Expires
Thu, 15 Apr 2021 16:07:42 GMT
usersync
rtb.gumgum.com/ Frame 6963
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YHhkzQAAHM8Z2QAC&gdpr=1&gdpr_consent=&_test=YHhkzQAAHM8Z2QAC
accept-ranges
bytes
date
Thu, 15 Apr 2021 16:07:41 GMT
via
1.1 varnish
x-served-by
cache-hhn4072-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1618502862.641711,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0DBA 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YjNkZThmMS1iNDNhLTQ1NDctYWIyNy0yYTgzNTEyMjdiOTc=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV80YjNkZThmMS1iNDNhLTQ1NDctYWIyNy0yYTgzNTEyMjdiOTc=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlcmDfFp97K1gyUXcMWqv2WNP0WLfgHdgKu3gfvwK4z2foRefeaQ90xFBwtlNo; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 15 Apr 2021 16:07:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8839 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=66414
Expires
Fri, 16 Apr 2021 10:34:34 GMT
Date
Thu, 15 Apr 2021 16:07:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 03B7 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 1EE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 15 Apr 2021 16:07:46 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame C70C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YHhk0MCo8ZIAABtiirsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
3
X-SO-HostName
a-ad40152.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng46.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":62,"gdpr":true,"ipv4":"0.0.0.0","key":"YHhk0MCo8ZIAABtiirsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40152"}
X-SO-Key
YHhk0MCo8ZIAABtiirsAAAAA
X-SO-IP
194.110.114.148
X-SO-Cluster-ID
62
X-SO-Upstream-ID
a-ad40152
usersync
rtb.gumgum.com/ Frame C125
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=875739025954424340
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=875739025954424340
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=875739025954424340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 15 Apr 2021 16:07:40 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAADvEyGtoZmhhamBkYWppaWq4SgzONzMwNDUHAFBD-XggAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 10 May 2022 16:07:40 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAytTQ1MTEyMTYxEOIz1I038fD19kyLMg7MLpHiNTQztDA1MLIwtbQ0NQQA9hKtnjMAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 10 May 2022 16:07:40 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAytTQ1MTEyMTYxEOIz1I038fD19kyLMg7MLgEAvKrH1CQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=875739025954424340
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame C669
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.7.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-7-203.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 15 Apr 2021 16:07:40 GMT Thu, 15 Apr 2021 16:07:40 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=jzYATyA5oAbovpgI047v&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
merge
ce.lijit.com/ Frame B3C2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=21327848-7d9d-0a01-1832-484b6deb8cbd&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B3C2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00ff6078-64cb-4100-85b9-f50803ea647b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00ff6078-64cb-4100-85b9-f50803ea647b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00ff6078-64cb-4100-85b9-f50803ea647b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 16:07:42 GMT
sd
us-u.openx.net/w/1.0/ Frame B3C2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=z8EUhM_FQN_UwxePwZcOhM_IFN_UxxaKzZW85EwU
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=z8EUhM_FQN_UwxePwZcOhM_IFN_UxxaKzZW85EwU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=z8EUhM_FQN_UwxePwZcOhM_IFN_UxxaKzZW85EwU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B3C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1095297685178457468
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1095297685178457468
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:41 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1095297685178457468
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B3C2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4ddca688-9729-300c-5f8e-feed155ab3ef&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B3C2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjFiMzc1NDItNWU1ZS02ZWE4LTRhNmUtYTQ1NGRmYjg3ZDhm
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B3C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIOOQS9UEH3OOu00HN4fhXg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIOOQS9UEH3OOu00HN4fhXg&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIOOQS9UEH3OOu00HN4fhXg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 20D2 		753 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
14125719
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9befe70609-FRA
cf-request-id
0977e2d571000006093ca79000000001
expires
Fri, 29 Oct 2021 04:19:01 GMT
passback.js
cdn.adtrue.com/rtb/ Frame E67B 		753 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
14125719
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
64066d9beff60609-FRA
cf-request-id
0977e2d5760000060922a54000000001
expires
Fri, 29 Oct 2021 04:19:01 GMT
avcplayer.js
player.avplayer.com/script/2/2.57/ 		220 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.57/avcplayer.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5325781b1a73ef6f6d0b3e0b9eea6503d647a60400f4951e0eaf566de60fa21f

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzxI-mXi01Dk2Mkpxi5hTbS-9co8cmXpcqn-aRVOMc_MIy1-cF-LeIGK42UqqGMGvVTk-O5ZUAAQ-hWDBnI_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
54288
last-modified
Sun, 24 Jan 2021 10:15:39 GMT
server
UploadServer
etag
"ff6052612d4aeed57f9ee69bf4259e70"
vary
Accept-Encoding
x-goog-hash
crc32c=uIbd6Q==, md5=/2BSYS1K7tV/nuab9CWecA==
content-language
en
x-goog-generation
1611483339139872
cache-control
public, max-age=300
x-goog-stored-content-length
54288
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 15 Apr 2021 16:12:40 GMT
passback
exchange.adtrue.com/tag/ Frame E67B 		251 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=17496&divid=70446072&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.176.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-176-195.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
81c6252fcdefa91de8fe4774beb814434f984e06563ffe512fc9ee24b75c4afc

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
server
nginx
content-length
251
content-type
application/javascript
passback
exchange.adtrue.com/tag/ Frame 20D2 		300 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=17495&divid=1046291191&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.176.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-176-195.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
26b4e73ffd535f79b0a83d7f845e10a5f90848743309f0dfa61f214bf4cb0410

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
server
nginx
content-length
300
content-type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FAD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=2383873915121824&bg=!5Oel56PNAAb2K53n9is7ACkAdvg8WpBAXJ4RspL4tupuHtHVs0_2CmAfV8YLiIJgQ5LVdWnoMuuh4AIAAAElUgAAAFNoAQcKARhJPOM1aKRFSXIr2qO6ZpkXLAU5CpNcq7WZQwiqmeXzhQfVcaLrmPwVlseFkuM8UVDst5_6jkIR1Zbw-7m7B4nxT1bWfT07kU5z5BqUKod7UxqHvJs-WDF6gsdubBZry4yEkIabuwZObzv3kn13oF0orrljqGa2W0CD0t_AVPWfPJY2CapAfOx7Ch54r_q8fAvo1N4-HBXLy8SBCDYoqMLGN8yTGnhWvTFvffCwV-WE8Lywy86SFMq3ZJjPNmjFnkCoitcO3mMZkaeWf5Tsj-xuy9O9ZfNowFt0nvkS9J1czMeJIi6vFicvyRX7RSF98G2H-FYu2KSndrLrSPKYgzfRFra6bAhGIbxg74B3cDZ7PP0lyc888TY0mQIZHAgGLmR7iIgjJfH1LYfI5qdaaFB4lOtKtuKfbeHj4zwz4sthkwfrsIXgo0mFke-GlXL6rZd7j1x1cwLtlH_qbgpEER3UI7BBKeJsuS8pnSijVN0AyXX3xUOJ7vdeM-mpapQqq6KcRiibuZ5TlmB8didrgP2e88RFyPKlC-LoN3pF6lbSQsANLT8QyWTPwkRGTrk9fySIZBj17OZryHABmXnyF5GGJ_4HRKcExjca1zjHngy5uH5pVRubH8MVlTIN9EUU9hTYO3b0ad1IpJ9gfcl-0lJzph1sSxo_C9EISo1t0jAjUCf7_YffaY-cAo8VcLKu33hQLOKNMTq2j0kS8BhZm349jcKG7ZHO6hPYVCGz2y-zT0lWTdwFasTj0fTj9rRyiR88wak8xVg5xTMMtV2Z4uFWdFEItoSwPIqytWCSOyBluw_6yuD0a9auBlM6RQW9IhcMWGhME71Ig3E5NgAfEqBuI5YVlpxa-7gpvN6A_vrA-4Dg_OikMZ1zF4QEcg8c2_8L-3gTqsF8JYv4cdVXrAV2hr9qnDMT7RKAniW4vk4SLAwTF8zPqLEZtsafN1GjbWS0RKMcgQuKQAbRWh8j39hqk7hyoi_RPoypbUxqjeBZvtRmv-plqEPtS8dXplvlqna8b6AIUHAGwOoJHdLuEzEciFLTi0gH12-j4HpnYWDDOToyUpL5FN6t9Sm7AAN9wLkmtCv5
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E0D2 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=27512411&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Content-Length
0
ins.txt
static.avantisvideo.com/data/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/ins.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2b3e556c347b4b792d6a6216a3a90c461175d0e3d41c4b60079e4201eb33dd3

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Apr 2021 16:07:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 15:06:29 GMT
Server
AmazonS3
x-amz-request-id
2EEV8Q0W561RF1T3
ETag
"82dff1f073c71c30478b78ba11b19d37"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
1184
x-amz-id-2
FZCiFiAEDFs9GeW+BzGVepBlK+4RpGJgZC3d7hmuAwv48U+mqkJajh2uo0mO/RLHPiVHeziOFO4=
showad.js
ads.pubmatic.com/AdServer/js/ Frame FA8E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62024
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 0D37 		335 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.57/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b6::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
34b165d9cdfcd24c7b73f0c195f1d87607224bddf3131eecc013c5c7bd6e178c

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwW1z6ycsgYo_UosX4XKJw61w72ThGHMGtBv6eo94sa9C-tEFI9Ew4JzNsjzYe14ZnSYZutJMYgMqIuVyvlnr8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96803
last-modified
Tue, 13 Apr 2021 08:45:24 GMT
server
UploadServer
etag
"6f19073c543ddbbe8f1644ade265fc81"
vary
Accept-Encoding
x-goog-hash
crc32c=8CI7JA==, md5=bxkHPFQ9276PFkSt4mX8gQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618303524042608
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96803
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 15 Apr 2021 16:12:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=793163262419640&bg=!jY6ljsrNAAb2K53n9is7ACkAdvg8WkN_Bp-wTGF1x4qDVoCmgnbcPro-VkUvaD-upDP3fuaPWRG4egIAAAFhUgAAACJoAQcKAUkvgrQ9k7EQJ62AtG6QLBn648PRFhN63b4YgcVui5WDeTdBSg9SNtZRz1HO6Y4Vf34BSE2TwTUL2y6OaP1cRyUCoa18Gv3z2eFAijI2qZIXssjl8PdJA8X7zahYFko0KOjuIY274Hchj9FuQ9NtdZGAJKSbY0YogMxHXODikCYwdgOhgmQWt515NnLKT5Tz8r5c84ZWUa2z414hSekhzdd4-l4snzC_YVQSiGGpbRudAdx3QZNAx5Y8paWfgejwmojrxYTB9dDy17KVRyeoFcNmGHV6g-eeCotjQx8rv3pUAYtmsZQR8lVpKO4Tl1mMcc5CIq7ayogD6mGUmghTqbBWggIa6O6QJLnMUpkZ0LFVDOh4AeLdi9LF5VItpTftOM4bu2iAA8QYAmpULA9-phijDfQhK_5so_YrNq1XK3gQ2Dvs404fQqJjvZkCHSmRGjGD1bSQIkExKZFB2uO-NVpGp50sCfUSGZuS6E7i8YhSKwCOL0PiJBYt7cy9Qgf1_uJ1Wwk0GzK8AZQd_twDeDDr-hHohB8ZYbbdqKfHKUcgxienzJM8IubWQz3NkFtqepHZFWJaupmJ3e4-ZSIDaDZXvAmOEtpPSziJRDXj0jo4FrSiAERRhHUT9GHjVhA0KkueM8e_OugNl22woScc30nBjUa1fiy4xjCUfqo5W8ra9YeC0BfMML3BfrjscapE31JS_CF4Id418d6fi3XRGV9RbXkQzSch-kOquFoiJeMKpY0ePRJN8jWViEI0iJrTM7pmBcNm7avAYAryLdsYlcPDRYfTnx5Ru0pcZrBKvt5B7XNo14hbB2YNbzI0sgiba2G49jpI0pxr0FeR5rezGMTFv4-DZhGynv98on8Ek738LC4oebKQvuukTQg3ljnyiyIMe9L58ArYDp9jo2_X9-1u299P3tKchkBQv8_E8Ndzn5NuLdRbmaOZvinigbOWplU5lzCIm0PvBh0GBYvEVq4LbqCsJ-UKKlyjgZjQD6J_02aOSyNp352KMEOdVi4u9-1ktKxI1h1CmaiyjlVW6pA0BEOF_XIeFxJFiPmMVhJ1zW1DPvhvvpkXORwq88B5XY-XH7PAizdZ1JkKZFDEjgtjeMmKYw5PRB-SFJ2RaJmZi9zYkzIta4YXIomm8eBhhaMDWL7laxXWq5M
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/ 		39 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/0.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
LdV4hTZe3K5UvkUr_wBVWT2pWPWR8_Bq
Last-Modified
Sun, 21 Feb 2021 16:44:00 GMT
Server
AmazonS3
x-amz-request-id
X0DA44PBF231M6BM
ETag
"b7c80d695da308dfcb3fce151fadcec1-2"
Content-Type
video/mp4
Content-Range
bytes 0-20836812/20836813
CDN-Origin-Protocol
HTTP
Date
Thu, 15 Apr 2021 16:07:40 GMT
X-Forward-Proto
http
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
20836813
x-amz-id-2
5SnZVvfAwDh9AxYnNs4h3Ufj5HAB+82m5uIUjxlmD9JDbZq/3BJL/n0VI8iudeAHbWXNl4UF9eU=
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.themoscowtimes.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=https&pid=604626c997bd7e08ad5db135&cid=6047808ee8ec6c084f16823c&e=inventory&vi=100&cb=1618502860337
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&AV_VIDEOURL=https%3A%2F%2Fcontent.avantisvideo.com%2Fverticals%2Fentertainment_0%2F8425c313-03be-47a7-8c45-5277a8cb2563%2F1%2Fdesktop%2F0.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=604626c997bd7e08ad5db135&AV_CHANNELID=6047808ee8ec6c084f16823c&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.themoscowtimes.com&AV_DADPOS=3&v=6.1.1.243&avtoken=860337&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1618502860349
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3eadaff3c3d89ebf2637205f2b04ff72fd17626274cc120f663c5b5d2c4b97b1

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 04 Apr 2021 02:21:01 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:40 GMT
content-length
2
content-type
text/plain
av.png
static.avantisvideo.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.avantisvideo.com/images/av.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:40 GMT
Last-Modified
Mon, 25 Jan 2021 10:20:27 GMT
Server
AmazonS3
x-amz-request-id
V58NBT9W3D8WR5VM
ETag
"b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type
image/png
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
1986
x-amz-id-2
TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=
0.mp4
content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/ 		540 KB
541 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/0.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4663ab292093f1473e98233fed0c2390c3466d19833603e6354f4d3d067065cb

Request headers

Referer
https://www.themoscowtimes.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=20283392-

Response headers

x-amz-version-id
LdV4hTZe3K5UvkUr_wBVWT2pWPWR8_Bq
Last-Modified
Sun, 21 Feb 2021 16:44:00 GMT
Server
AmazonS3
x-amz-request-id
X0DA44PBF231M6BM
ETag
"b7c80d695da308dfcb3fce151fadcec1-2"
Content-Type
video/mp4
Content-Range
bytes 20283392-20836812/20836813
CDN-Origin-Protocol
HTTP
Date
Thu, 15 Apr 2021 16:07:40 GMT
X-Forward-Proto
http
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
553421
x-amz-id-2
5SnZVvfAwDh9AxYnNs4h3Ufj5HAB+82m5uIUjxlmD9JDbZq/3BJL/n0VI8iudeAHbWXNl4UF9eU=
world-health-day.gif
cdn-adtrue.com/statics/images/psa/ Frame E67B 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adtrue.com/statics/images/psa/world-health-day.gif
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b7&cb=9326051618502858844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6e08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
13863650
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26616
cf-request-id
0977e2d7c200004ab08d1ef000000001
last-modified
Thu, 25 Jun 2020 02:50:22 GMT
server
cloudflare
etag
"5ef410ee-67f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LM9Fli2zIzevKKzbsHQ4f%2FyoEQdcAXII8qQQ8XtKLSEv8AoSZpmMUaLWT7yjW5xaYmHEpIQ1aZBps2D93qLwF3ruV1DZtTZLBEltnMR1NDcxSSLy4DCBNUweAg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
64066d9f99e14ab0-FRA
expires
Mon, 01 Nov 2021 05:06:50 GMT
socialmedia4.tmb-479v.png
www.who.int/images/default-source/campaigns/world-immunization-week/wiw-2020/ Frame 20D2 		112 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.who.int/images/default-source/campaigns/world-immunization-week/wiw-2020/socialmedia4.tmb-479v.png?sfvrsn=937d8af2_6
Requested by
Host: likevertising.com
URL: https://likevertising.com/user?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=3565061618502858819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:70bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4a860a38885b7b7b6536fd9394ff66499092b651f172b4ed01f2574f5c8322f
Security Headers
Name Value
Content-Security-Policy default-src 'self' player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net *.nativechat.com *.addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net *.who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: www.youtube.com public.tableau.com *.googleapis.com *.nativechat.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com *.sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com *.googletagmanager.com *.pingdom.net *.jwpcdn.com *.doubleclick.net assets.sitescdn.net whosearch.searchblox.com *.msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.nativechat.com *.sharethis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com *.nativechat.com *.sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: *.gstatic.com *.googleapis.com *.nativechat.com *.sharethis.com *.google-analytics.com platform.tumblr.com www.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com stats.g.doubleclick.net *.who.int yt3.ggpht.com i.ytimg.com addthis.com *.googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' terrance.who.int data: blob: *.who.int; frame-src 'self' player.vimeo.com html5-player.libsyn.com *.nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com *.who.int *.doubleclick.net docs.google.com syndication.twitter.com *.sitefinity.cloud player.4am.ch *.sharethis.mgr.consensu.org *.google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors app.powerbi.com pbi.azureedge.net *.who.int; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ *.nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' stats.g.doubleclick.net accounts.google.com https://*.dec.sitefinity.com *.nativechat.com *.mktoresp.com *.who.int www.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com *.google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://*.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-aspnet-version
4.0.30319
age
6571965
cf-polished
origSize=114402
content-disposition
inline; filename=socialmedia4.png
x-instance-name
RD0003FF1A74B8
vary
Accept-Encoding
content-length
114369
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7d90af53-a640-4c9a-9d36-1c3f84f71f51
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Jan 2021 11:20:21 GMT
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cf-bgj
imgq:85,h2pri
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000, s-maxage=7776000
content-security-policy
default-src 'self' player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net *.nativechat.com *.addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net *.who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: www.youtube.com public.tableau.com *.googleapis.com *.nativechat.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com *.sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com *.googletagmanager.com *.pingdom.net *.jwpcdn.com *.doubleclick.net assets.sitescdn.net whosearch.searchblox.com *.msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.nativechat.com *.sharethis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com *.nativechat.com *.sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: *.gstatic.com *.googleapis.com *.nativechat.com *.sharethis.com *.google-analytics.com platform.tumblr.com www.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com stats.g.doubleclick.net *.who.int yt3.ggpht.com i.ytimg.com addthis.com *.googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' terrance.who.int data: blob: *.who.int; frame-src 'self' player.vimeo.com html5-player.libsyn.com *.nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com *.who.int *.doubleclick.net docs.google.com syndication.twitter.com *.sitefinity.cloud player.4am.ch *.sharethis.mgr.consensu.org *.google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors app.powerbi.com pbi.azureedge.net *.who.int; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ *.nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' stats.g.doubleclick.net accounts.google.com https://*.dec.sitefinity.com *.nativechat.com *.mktoresp.com *.who.int www.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com *.google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://*.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
cf-request-id
0977e2d6ac00004e9e2aa21000000001
accept-ranges
bytes
cf-ray
64066d9ddf674e9e-FRA
expires
Fri, 23 Apr 2021 13:45:25 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:40 GMT
content-length
2
content-type
text/plain
0.mp4
content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/ 		704 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content.avantisvideo.com/verticals/entertainment_0/8425c313-03be-47a7-8c45-5277a8cb2563/1/desktop/0.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
LdV4hTZe3K5UvkUr_wBVWT2pWPWR8_Bq
Last-Modified
Sun, 21 Feb 2021 16:44:00 GMT
Server
AmazonS3
x-amz-request-id
X0DA44PBF231M6BM
ETag
"b7c80d695da308dfcb3fce151fadcec1-2"
Content-Type
video/mp4
Content-Range
bytes 32768-20836812/20836813
CDN-Origin-Protocol
HTTP
Date
Thu, 15 Apr 2021 16:07:40 GMT
X-Forward-Proto
http
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
20804045
x-amz-id-2
5SnZVvfAwDh9AxYnNs4h3Ufj5HAB+82m5uIUjxlmD9JDbZq/3BJL/n0VI8iudeAHbWXNl4UF9eU=
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B13 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIcK51I3-IL6TEKY2c0B_4f9NIeT5PdKh-y753krA3belE0tczCsNExw5L0KE-aIR0cvI-y79G6jUWIUNHKfTmX1AiTKLyxsxIUO8VVnECIVJ6gtSqr2EX6EaucA&sai=AMfl-YQYEbJKvsf24Fcq8PpzO8ZvcpLq_0SaM4e40_z7C6DCW-_w7-8tNAVGFib_uI3boc4dfPfTIcVwvV4jxAscnXtHH570ujnlr6Vfqqt_BrHYo_VYs7v3CSR477Y&sig=Cg0ArKJSzFebUh39XMZJEAE&cid=CAASF-RoK0hUvJbq34UNBcbgpPZ33vJgUqFW&id=ampim&o=1158,491&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=172&tls=1172&g=99.95625019073486&h=99.95625019073486&tt=1172&r=v&avms=ampa&adk=2351213819
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E49F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaqEy7nmw0L8glkDQwcK5pb3HVm6_8eoqxlqVh9Shq9dQXTFKvPgvczGEdMMNNbYAApesOSfRja88hejC16v57b1h6kmeOgPg4jT9ccYrQBg-xktSoh0dA8AGqJw&sai=AMfl-YQtGSIYBbhdjrqHR4sMPhtvr4R_q2uN8oLXtm__6AqdstxKSizAzlhqPJQKFu07RSyGqQjw4BPrvn_6qoLIpBeA78QXaDQJVk2MjMGZuLA0qV6qbGeNBfIcCv4&sig=Cg0ArKJSzClD7eVK45ivEAE&cid=CAASF-Rop1lFBPN79NOs_pjMFRh5_dNuIOjW&id=ampim&o=315,12&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=139&tls=1139&g=100&h=100&tt=1139&r=v&avms=ampa&adk=3938885534
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 076B 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 16 Apr 2021 16:07:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6466 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:40 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 16 Apr 2021 16:07:40 GMT
syncframe
gum.criteo.com/ Frame C4CE 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.themoscowtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.themoscowtimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1508
date
Thu, 15 Apr 2021 16:07:41 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 076B 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 16 Apr 2021 16:07:41 GMT
syncframe
gum.criteo.com/ Frame 4F72 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.themoscowtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.themoscowtimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1449
date
Thu, 15 Apr 2021 16:07:40 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6466 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 16 Apr 2021 16:07:41 GMT
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 4394 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9DB6F29C93290A96
x-amz-id-2
smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified
Tue, 27 Oct 2020 14:01:47 GMT
server
cloudflare
etag
W/"388809d00c3186d72408292dde1dfc83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WaoNIEyJuc9ODqryYXgTHGR9oxBNPN22TC2jqpwU8PZA4A9m%2BQ3IaJLDf0BKTvuPeJr7u7etRIDoOkKOhqunOCtfMVfihtMrOQV2KWgrlAdO3GR5affXDHBxaEqas%2Fjc9Q%3D%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0977e2d9c8000096ce4aa04000000001
cf-ray
64066da2dc4396ce-FRA
/
projectagora-483829-hdb.adomik.com/ Frame A27A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNTc3OGY5NDktZWM2MS00ZmVkLTgzZmEtOWQzNWNlZDkyMjIzIiwiaG9zdG5hbWUiOiJsaWtldmVydGlzaW5nLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=5778f949-ec61-4fed-83fa-9d35ced92223&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.18.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 15 Apr 2021 16:07:41 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 10FE 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:41 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9DB6F29C93290A96
x-amz-id-2
smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE=
last-modified
Tue, 27 Oct 2020 14:01:47 GMT
server
cloudflare
etag
W/"388809d00c3186d72408292dde1dfc83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hgIrDvpk7xZf9GtKoeMnMNjJ7zV1gA8Qz808qJ6h8CONOOq94fzb3Pcwq65tXivNSAVMPjq17%2BMmyhmoP6nMsWXWXogk06MIVm2ljvKg6p55OSAPAAETaS6SFtdOrwuvLQ%3D%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
0977e2d9cc000096ce6fbae000000001
cf-ray
64066da2dc4796ce-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 985E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDQzZmUwYmUtNTc3NS00OWMxLWJmZWUtYmM5MGNlOTRkNzFhIiwiaG9zdG5hbWUiOiJsaWtldmVydGlzaW5nLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=443fe0be-5775-49c1-bfee-bc90ce94d71a&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.18.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 15 Apr 2021 16:07:41 GMT
Server
nginx
loader.js
cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/ Frame 4394 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.42.4 /
Resource Hash
251117e0b7ab6fab6a206a2f30abaee6cb60b5e88e5aa8c213dff426c0131e48

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
enlQAi.acZVpxgCahJvVlKx1nMhLfNn.
content-encoding
gzip
etag
"b3efee1d17adda0dae6a20d99b18b5246a01ee49"
age
6117
via
1.1 varnish
x-cache
HIT
x-from-cache
1
content-length
19605
x-amz-id-2
R/PzESRcD7FAuK57J4Z7zU7/S0cSmkEMAJKkKQLiqmrPAPj3/FKD3gatmIUKx0dzzliALvvvQAA=
x-served-by
cache-hhn11537-HHN
last-modified
Thu, 15 Apr 2021 12:34:25 UTC
server
obaker.93.1.2-11.42.4
x-timer
S1618502862.652208,VS0,VE1
date
Thu, 15 Apr 2021 16:07:41 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
8DCJRCJEKHD182TX
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
13
x-cache-hits
1
loader.js
cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/ Frame 10FE 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.42.4 /
Resource Hash
0e8c6fdc527e520487e90b0bc954267fe827c1bc09614da1e734b5783c15f693

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5h2g_Fc8.YknClrjxuLZJ3oMAqwo_4lf
content-encoding
gzip
etag
"769a48fefb1855c6305a2fc7d60d359b9b315728"
age
8793
via
1.1 varnish
x-cache
HIT
x-from-cache
1
content-length
19605
x-amz-id-2
52nJg5mMPKTyxvjOziGaOFLfVcjAFDWRoszds1eMnEp6sAyjyduj7h6Gzz1GSN2ZYNaAkazIkyg=
x-served-by
cache-hhn11537-HHN
last-modified
Thu, 15 Apr 2021 13:41:08 UTC
server
obaker.93.1.2-11.42.4
x-timer
S1618502862.652125,VS0,VE1
date
Thu, 15 Apr 2021 16:07:41 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
C2W89SXPV3Y14WNQ
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
13
x-cache-hits
1
impl.20210414-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 10FE 		480 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vs9zfjmj52qQCvZeDRMgkTHl2EUEsIHE
content-encoding
br
etag
"e2aa74824e227f919caf68a3ad379b8a"
age
25888
x-cache
HIT
content-length
112566
x-amz-id-2
8sX7ROG8Ywr4W/GQb+5O7U2IaUiPl2BzaJapdsLBu9dHudwfjbB9E0zysf16Cc4pz3TEYGLX824=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 08:54:43 GMT
server
AmazonS3-br
x-timer
S1618502862.737555,VS0,VE0
date
Thu, 15 Apr 2021 16:07:41 GMT
vary
Accept-Encoding
x-amz-request-id
5N55FMRHEZ39CMVJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
9
x-cache-hits
169000
impl.20210414-6-RELEASE.js
cdn.taboola.com/libtrc/ Frame 4394 		480 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vs9zfjmj52qQCvZeDRMgkTHl2EUEsIHE
content-encoding
br
etag
"e2aa74824e227f919caf68a3ad379b8a"
age
25888
x-cache
HIT
content-length
112566
x-amz-id-2
8sX7ROG8Ywr4W/GQb+5O7U2IaUiPl2BzaJapdsLBu9dHudwfjbB9E0zysf16Cc4pz3TEYGLX824=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 08:54:43 GMT
server
AmazonS3-br
x-timer
S1618502862.757189,VS0,VE0
date
Thu, 15 Apr 2021 16:07:41 GMT
vary
Accept-Encoding
x-amz-request-id
5N55FMRHEZ39CMVJ
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
9
x-cache-hits
169001
json
trc.taboola.com/themoscowtimes300x250gr-r18604356/trc/3/ Frame 10FE 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/trc/3/json?tim=18%3A07%3A41.849&lti=deflated&data=%7B%22id%22%3A929%2C%22ii%22%3A%22%2Fasync_usersync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618391635625%2C%22vi%22%3A1618502861847%2C%22cv%22%3A%2220210414-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flikevertising.com%2Fasync_usersync%3Fi%3Dozq8lklz3e1znpqig3c%26a%3D87a35e76bc314113496756222bdcb5fa3%26cb%3D8239531618502858817%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fi%3Dozq8lklz3e1znpqig3c%26a%3D87a35e76bc314113496756222bdcb5fa3%26cb%3D8239531618502858817%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218604356%22%2C%22orig_uip%22%3A%2218604356%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c15577ceeb31161c66bc1969e8cc695f061de962872a8c3f035580aec80246f7

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
124
date
Thu, 15 Apr 2021 16:07:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1618502862.884375,VS0,VE124
x-served-by
cache-hhn11537-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 10FE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k0fLHolrULeyflnSHDHGwfQ5cxCVyM94
content-encoding
gzip
etag
"03de8465cf9a5b82f8bf06944d4a54bc"
age
5301
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4635
x-amz-id-2
n0fs0aPjHQZ717aN6pHqjdafdagMI/X2oD473Xn8JdFmnM8xoLNWv04vNqSOrRPlh5LHWAghvv8=
x-served-by
cache-hhn11537-HHN
last-modified
Tue, 13 Apr 2021 14:38:50 GMT
server
AmazonS3
x-timer
S1618502862.064876,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
ZZF2F7YZGKDR2BAV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
9
x-cache-hits
61984
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 10FE 		2 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
4733
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11537-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1618502862.064796,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
9
x-cache-hits
56056
tfa-eid.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 10FE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mcil7LLvHShbJAYM25abSAt5ko2HvoSo
content-encoding
gzip
etag
"f0c15c57ffc1f0a46194c879c6386fe4"
age
26
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4857
x-amz-id-2
v5Ibq2600YiONR7MaKjsx0SsWN3JTRD52AsNpHUhfuIOpkdHdG9indW48CnS9JFF6L2y6pTjImg=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:32 GMT
server
AmazonS3
x-timer
S1618502862.071036,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
72FQCTBEEM77ZQS1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
277
sha256.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 10FE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FCaRxwcW3MLlXzgVX9HQNSiyqGkGeGF_
content-encoding
gzip
etag
"449a15420f4bd41326d0ce1cb3e3252f"
age
17
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
/fVS9G43oGlBjDh7W8lNMwAz/oem2yxojB0zPihiFGUPaXLwNGA4p9d0kdzsaRjM3PZxpd+CR4U=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:42 GMT
server
AmazonS3
x-timer
S1618502862.071203,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
FRPMTZM1YCZQKJHZ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
156
userx.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 10FE 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AB5kaFHgjUzYaSgXhghd6SMiz6ooDCVp
content-encoding
gzip
etag
"4dee943d9af8f930facd1ec702b5266b"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7856
x-amz-id-2
urU9COxwtiuiB4uz1lO56EVkmVboMnMmnNM0RY1SB51LRkaZcs2S1tm+RTZouhYEPct48bnbYbE=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:28 GMT
server
AmazonS3
x-timer
S1618502862.082884,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
4KDN0BQFYB3QY2Q0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
9
cookiesyncendpoint
sync.aniview.com/ Frame 919C
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618502861963-956140594381-032059-009-006646%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
0
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1618502861963-956140594381-032059-009-006646
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

date
Thu, 15 Apr 2021 16:07:42 GMT
content-length
0
set-cookie
2_C_55=4462823264694872990; Path=/; Domain=aniview.com; Expires=Thu, 22 Apr 2021 16:07:42 GMT; Secure; SameSite=None 2_C_55=4462823264694872990; Path=/; Expires=Thu, 22 Apr 2021 16:07:42 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Thu, 15 Apr 2021 16:07:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1618502861963-956140594381-032059-009-006646&biddername=55&key=4462823264694872990
AN-X-Request-Uuid
2a7cce20-4cf7-4ee5-98bb-6efc0de7009f
Set-Cookie
uuid2=4462823264694872990; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 14-Jul-2021 16:07:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.232:80
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21002496&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862070&imp_id=c93915a6-675a-44a3-9e8c-304e26354c25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid
c2b348d8-2bf7-4ef1-b638-9ba347c8b179
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21002488&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862073&imp_id=c93915a6-675a-44a3-9e8c-304e26354c25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid
862fc947-543e-4be8-beb5-70f18a3fcdca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21006675&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862074&imp_id=c93915a6-675a-44a3-9e8c-304e26354c25
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
ccd2a576-d28d-4a44-b6d7-e0c91edc78b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 0D37 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:1b6::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
518b76ad95502ba636b444205d27674749f915eb19173e249ce44ff64871a9cd

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyeO8Giv9OcsYsUv9c7K7H6TQ7GaDZJVb3dALPiSUTRMjyO2m6xBkQiqenfqn7AkZ-bLP2qgirxKZyWKTBm8_Ywk9A_gQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
86063
last-modified
Tue, 13 Apr 2021 08:44:42 GMT
server
UploadServer
etag
"e578acf6f5ac4617e9d7471496ae0dfa"
vary
Accept-Encoding
x-goog-hash
crc32c=FTi8jQ==, md5=5Xis9vWsRhfp10cUlq4N+g==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618303482556708
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
86063
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 15 Apr 2021 16:12:42 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.themoscowtimes.com&rs=www.themoscowtimes.com&sid=95557&t=1618502861&cip=194.110.114.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=604626c997bd7e08ad5db135&test=&aafaid=&proto=https&uid=1618502861963-956140594381-032059-009-006646&cha=0.7&cb=9821309113&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&ppid=604626c997bd7e08ad5db135&nid=59918a0e073ef4782e4e347f&pcid=6047808ee8ec6c084f16823c&ncid=5d4aab3928a06112b42d3a48&pasid=6047816113ad1b01ec7818d4&e=request&cb=1618502862077&asid=602001c46e67f25d741a755e%2C60200035bbc5d169984bcaeb%2C6021442b63a5fd0bc74fdbe4%2C601ffe5bf5b153761b23202c%2C601ffe4f00211b5e301f6d47%2C5fc394f62ce5ac7003598e0e&ofpr=%2C%2C%2C0.22%2C0.17%2C0.95&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
94a620e063a970f7874b8da697990474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 10FE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcfd592fabb7a4441be50809247b946279fbcf03c730fd66b553a37f2ffb9174

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
2347081
edge-cache-tag
322648653175037379240207699956225834719,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
content-length
4750
x-request-id
02437e7ddab4e7afdadb6fef7516b1d1
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 11 Mar 2021 13:16:19 GMT
server
nginx
x-timer
S1618502862.128785,VS0,VE0
etag
"473f7c3f1c5e9ac6f6270e0bf9c8f688"
x-served-by
cache-wdc5544-WDC, cache-dca17754-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
openrtb
ads.adaptv.advertising.com/rtb/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.15.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-15-110.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/216693/0/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216693/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.themoscowtimes.com
Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Apr 2021 16:07:42 GMT
X-SpotX-Timing-Transform
0.000321
X-SpotX-Timing-SpotMarket
0.017630
X-SpotX-Timing-Page-Mux
0.001154
X-SpotX-Timing-Page-Require
0.000478
X-fe
085
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000036
X-SpotX-Timing-Page
0.023629
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000522
Last-Modified
Thu, 15 Apr 2021 16:07:42 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.017630
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themoscowtimes.com
X-SpotX-Timing-Page-Misc
0.003473
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
94a620e063a970f7874b8da697990474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 10FE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcfd592fabb7a4441be50809247b946279fbcf03c730fd66b553a37f2ffb9174

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
2347081
edge-cache-tag
322648653175037379240207699956225834719,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
content-length
4750
x-request-id
02437e7ddab4e7afdadb6fef7516b1d1
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 11 Mar 2021 13:16:19 GMT
server
nginx
x-timer
S1618502862.201959,VS0,VE0
etag
"473f7c3f1c5e9ac6f6270e0bf9c8f688"
x-served-by
cache-wdc5544-WDC, cache-dca17754-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 6
json
trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/ Frame 4394 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/json?tim=18%3A07%3A42.386&lti=deflated&data=%7B%22id%22%3A904%2C%22ii%22%3A%22%2Fasync_usersync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618391617615%2C%22vi%22%3A1618502862386%2C%22cv%22%3A%2220210414-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flikevertising.com%2Fasync_usersync%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d61%26cb%3D8973771618502858839%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d61%26cb%3D8973771618502858839%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218604579%22%2C%22orig_uip%22%3A%2218604579%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a3ccdc2e37592452acf2a9542e98903fa5fd0780f8467df3c63ef5f7755c5a6

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
123
date
Thu, 15 Apr 2021 16:07:42 GMT
content-encoding
gzip
server
nginx
x-timer
S1618502862.414309,VS0,VE123
x-served-by
cache-hhn11537-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:42 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21002496&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862432&imp_id=e58e93f8-a3a6-4299-a2d0-4bce6075e11f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.234:80
AN-X-Request-Uuid
c5eac4ca-8327-4710-954b-fc53cf45e782
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21002488&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862432&imp_id=e58e93f8-a3a6-4299-a2d0-4bce6075e11f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid
ef746ee3-eca4-4dda-8adf-f45754784bda
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21006675&referrer=https%3A%2F%2Fwww.themoscowtimes.com%2F2021%2F04%2F15%2Fexplainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607&us_privacy=1---&cbb=8502862432&imp_id=e58e93f8-a3a6-4299-a2d0-4bce6075e11f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid
435c5402-f6e4-429a-bf07-94a99e6c084b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.themoscowtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.themoscowtimes.com&rs=www.themoscowtimes.com&sid=95557&t=1618502861&cip=194.110.114.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=604626c997bd7e08ad5db135&test=&aafaid=&proto=https&uid=1618502861963-956140594381-032059-009-006646&cha=0.7&cb=9821309113&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&ppid=604626c997bd7e08ad5db135&nid=59918a0e073ef4782e4e347f&pcid=6047808ee8ec6c084f16823c&ncid=5d4aab3928a06112b42d3a48&pasid=6047816113ad1b01ec7818d4&e=request&cb=1618502862433&asid=602001c46e67f25d741a755e%2C60200035bbc5d169984bcaeb%2C6021442b63a5fd0bc74fdbe4%2C601ffe5bf5b153761b23202c%2C601ffe4f00211b5e301f6d47%2C5fc394f62ce5ac7003598e0e&ofpr=%2C%2C%2C0.22%2C0.17%2C0.95&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.15.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-15-110.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Apr 2021 16:07:42 GMT
X-SpotX-Timing-Transform
0.000824
X-SpotX-Timing-SpotMarket
0.005029
X-SpotX-Timing-Page-Mux
0.001680
X-SpotX-Timing-Page-Require
0.000593
X-fe
085
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000037
X-SpotX-Timing-Page
0.012093
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000500
Last-Modified
Thu, 15 Apr 2021 16:07:42 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005029
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.themoscowtimes.com
X-SpotX-Timing-Page-Misc
0.003411
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mvo
tag.1rx.io/rmp/216693/0/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216693/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.themoscowtimes.com
Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:42 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 4394 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k0fLHolrULeyflnSHDHGwfQ5cxCVyM94
content-encoding
gzip
etag
"03de8465cf9a5b82f8bf06944d4a54bc"
age
5302
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4635
x-amz-id-2
n0fs0aPjHQZ717aN6pHqjdafdagMI/X2oD473Xn8JdFmnM8xoLNWv04vNqSOrRPlh5LHWAghvv8=
x-served-by
cache-hhn11537-HHN
last-modified
Tue, 13 Apr 2021 14:38:50 GMT
server
AmazonS3
x-timer
S1618502863.590451,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
ZZF2F7YZGKDR2BAV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
9
x-cache-hits
61989
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 4394 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
4733
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11537-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1618502863.590425,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
9
x-cache-hits
56061
tfa-eid.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 4394 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mcil7LLvHShbJAYM25abSAt5ko2HvoSo
content-encoding
gzip
etag
"f0c15c57ffc1f0a46194c879c6386fe4"
age
27
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4857
x-amz-id-2
v5Ibq2600YiONR7MaKjsx0SsWN3JTRD52AsNpHUhfuIOpkdHdG9indW48CnS9JFF6L2y6pTjImg=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:32 GMT
server
AmazonS3
x-timer
S1618502863.592436,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
72FQCTBEEM77ZQS1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
280
sha256.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 4394 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FCaRxwcW3MLlXzgVX9HQNSiyqGkGeGF_
content-encoding
gzip
etag
"449a15420f4bd41326d0ce1cb3e3252f"
age
18
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
/fVS9G43oGlBjDh7W8lNMwAz/oem2yxojB0zPihiFGUPaXLwNGA4p9d0kdzsaRjM3PZxpd+CR4U=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:42 GMT
server
AmazonS3
x-timer
S1618502863.592597,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
FRPMTZM1YCZQKJHZ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
159
userx.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 4394 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AB5kaFHgjUzYaSgXhghd6SMiz6ooDCVp
content-encoding
gzip
etag
"4dee943d9af8f930facd1ec702b5266b"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7856
x-amz-id-2
urU9COxwtiuiB4uz1lO56EVkmVboMnMmnNM0RY1SB51LRkaZcs2S1tm+RTZouhYEPct48bnbYbE=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 14 Apr 2021 09:09:28 GMT
server
AmazonS3
x-timer
S1618502863.597512,VS0,VE0
date
Thu, 15 Apr 2021 16:07:42 GMT
vary
Accept-Encoding
x-amz-request-id
4KDN0BQFYB3QY2Q0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
9
x-cache-hits
13
94a620e063a970f7874b8da697990474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36177f96b96ff11c802d5ae7813f3a35c9e1f25d4133e92ba4fba6d80c4d6baf

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
3054563
edge-cache-tag
322648653175037379240207699956225834719,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
content-length
1864
x-request-id
2dea1fb4f93d43ebc56f38db01ea5c8a
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 08 Feb 2021 08:18:24 GMT
server
nginx
x-timer
S1618502863.606683,VS0,VE0
etag
"c7e6d2a9a1615ee9a0d69ba258320fe3"
x-served-by
cache-wdc5572-WDC, cache-dca17765-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 117
ad99f4307e86cacc895a8743ec179dde.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad99f4307e86cacc895a8743ec179dde.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bab6f5488c2590937d75e8bd2123d8c7ce4bac9efac2aeb3c49233bc064701c1

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
1497866
edge-cache-tag
569084115366710949867294456770874787518,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad99f4307e86cacc895a8743ec179dde.jpg
content-length
4020
x-request-id
8a424545d62607f087cee7023a504f62
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Mon, 29 Mar 2021 07:40:35 GMT
server
nginx
x-timer
S1618502863.607008,VS0,VE1
etag
"6a1e4df54d27ec4302a0e895280d7b68"
x-served-by
cache-wdc5520-WDC, cache-dca17741-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
adc21f7066dac6b1851ae66330c961fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adc21f7066dac6b1851ae66330c961fb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d2fd5c206948b85731f955339475f7324634c77e329df40d4e5081cd717862f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
1795662
edge-cache-tag
572795343128392998432697375928758053877,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adc21f7066dac6b1851ae66330c961fb.jpg
content-length
3662
x-request-id
0481544d24766395cced38ab66de7dab
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 09 Mar 2021 12:02:24 GMT
server
nginx
x-timer
S1618502863.609231,VS0,VE1
etag
"1317e346bbee571be9bc6f56b8f025ea"
x-served-by
cache-wdc5565-WDC, cache-dca17731-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=8425c313-03be-47a7-8c45-5277a8cb2563&tagId=1&_=1618502857746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:42 GMT
content-length
2
content-type
text/plain
94a620e063a970f7874b8da697990474.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36177f96b96ff11c802d5ae7813f3a35c9e1f25d4133e92ba4fba6d80c4d6baf

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
3054563
edge-cache-tag
322648653175037379240207699956225834719,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94a620e063a970f7874b8da697990474.jpg
content-length
1864
x-request-id
2dea1fb4f93d43ebc56f38db01ea5c8a
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 08 Feb 2021 08:18:24 GMT
server
nginx
x-timer
S1618502863.662602,VS0,VE0
etag
"c7e6d2a9a1615ee9a0d69ba258320fe3"
x-served-by
cache-wdc5572-WDC, cache-dca17765-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 118
ad99f4307e86cacc895a8743ec179dde.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad99f4307e86cacc895a8743ec179dde.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bab6f5488c2590937d75e8bd2123d8c7ce4bac9efac2aeb3c49233bc064701c1

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
1497866
edge-cache-tag
569084115366710949867294456770874787518,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad99f4307e86cacc895a8743ec179dde.jpg
content-length
4020
x-request-id
8a424545d62607f087cee7023a504f62
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Mon, 29 Mar 2021 07:40:35 GMT
server
nginx
x-timer
S1618502863.685825,VS0,VE0
etag
"6a1e4df54d27ec4302a0e895280d7b68"
x-served-by
cache-wdc5520-WDC, cache-dca17741-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
adc21f7066dac6b1851ae66330c961fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adc21f7066dac6b1851ae66330c961fb.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d2fd5c206948b85731f955339475f7324634c77e329df40d4e5081cd717862f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 15 Apr 2021 16:07:42 GMT
via
1.1 varnish, 1.1 varnish
age
1795662
edge-cache-tag
572795343128392998432697375928758053877,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adc21f7066dac6b1851ae66330c961fb.jpg
content-length
3662
x-request-id
0481544d24766395cced38ab66de7dab
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 09 Mar 2021 12:02:24 GMT
server
nginx
x-timer
S1618502863.698211,VS0,VE0
etag
"1317e346bbee571be9bc6f56b8f025ea"
x-served-by
cache-wdc5565-WDC, cache-dca17731-DCA, cache-hhn11537-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6429d93-482e-44a2-98c9-d29478d6992a&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6429d93-482e-44a2-98c9-d29478d6992a&_origin=1&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6429d93-482e-44a2-98c9-d29478d6992a&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb5b88af4-9e04-11eb-a448-06ee44d609ba
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiNWI4OGFmNC05ZTA0LTExZWItYTQ0OC0wNmVlNDRkNjA5YmE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
0
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEInUOENjekigPGYnqyHIT1s&google_cver=1&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
date
Thu, 15 Apr 2021 16:07:43 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YHhkzQAAHM8Z2QAC&_origin=0&gdpr=0&gdpr_consent=&apid=UPb5b99c28-9e04-11eb-b2be-060b42c4039e
date
Thu, 15 Apr 2021 16:07:43 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bulk
trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/ Frame 10FE 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502863.107696,VS0,VE68
x-served-by
cache-hhn11537-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/ Frame 10FE 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502863.111588,VS0,VE68
x-served-by
cache-hhn11537-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6F80 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4462823264694872990; anj=dTM7k!M4/8CxrEQF']wIg2C$Mt(7f8!@wnf-Te9(>wL5L!!'!T$N)r<; icu=ChgIz5I0EAoYASABKAEwzMnhgwY4AUABSAEKGAjYpkQQChgBIAEoATDLyeGDBjgBQAFIAQoYCPbNYhAKGAIgAigCMM7J4YMGOAJAAkgCEM7J4YMGGAM.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 12 Apr 2021 05:51:57 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 15 Apr 2021 16:07:43 GMT
Age
36939
X-Served-By
cache-lga21937-LGA, cache-hhn4053-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 592640
X-Timer
S1618502863.394410,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 72B2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62021
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4786 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4462823264694872990; anj=dTM7k!M4/8CxrEQF']wIg2C$Mt(7f8!@wnf-Te9(>wL5L!!'!T$N)r<; icu=ChgIz5I0EAoYASABKAEwzMnhgwY4AUABSAEKGAjYpkQQChgBIAEoATDLyeGDBjgBQAFIAQoYCPbNYhAKGAIgAigCMM7J4YMGOAJAAkgCEM7J4YMGGAM.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 12 Apr 2021 05:51:57 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 15 Apr 2021 16:07:43 GMT
Age
36939
X-Served-By
cache-lga21937-LGA, cache-hhn4053-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 592642
X-Timer
S1618502863.454186,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8713 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62021
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 10FE 		254 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
1955
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1618502863.178546,VS0,VE0
date
Thu, 15 Apr 2021 16:07:43 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
9
x-cache-hits
2717
PugMaster
image6.pubmatic.com/AdServer/ Frame 8713 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
77df43ae55217a813e454dc4c2150a09133150cd50a33de0603623c15966d57b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 6F80 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:43 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid
7818bdd8-56a6-4b6e-b6fd-dd73cb02f744
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4786 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:43 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.205:80
AN-X-Request-Uuid
b80c10c1-534b-43ab-8ee8-8cec0a975d45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
visible
trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 4394 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502864.604094,VS0,VE68
x-served-by
cache-hhn11537-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 4394 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502864.605486,VS0,VE68
x-served-by
cache-hhn11537-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 4394 		254 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d61&cb=8973771618502858839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
1955
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11537-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1618502864.661560,VS0,VE0
date
Thu, 15 Apr 2021 16:07:43 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
9
x-cache-hits
2719
usersync.aspx
dis.criteo.com/dis/ Frame A413 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 15 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1792
x-powered-by
ASP.NET
date
Thu, 15 Apr 2021 16:07:43 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame A184 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.185 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-185.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 1F61
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCeFFrN0E4TW9BQUNqNFZWcUpUZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABxQk7A8MoAACj4VVqJTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABxQk7A8MoAACj4VVqJTg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABxQk7A8MoAACj4VVqJTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4977431938741012291
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4977431938741012291&_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2iU7A8MoAACpu2PriFQ
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2iU7A8MoAACpu2PriFQ
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; SPugT=1618502863; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; SyncRTB3=1619654400%3A220; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; chkChromeAb67Sec=2; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; PugT=1618502865; KRTBCOOKIE_153=1923-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&19420-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&22979-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:45 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:45 GMT; path=/ PugT=1618502865; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:45 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:45 GMT; path=/
X-lat
lhrpug010:0:567
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAE2iU7A8MoAACpu2PriFQ
Server
nginx
set-cookie
bito=AAE2iU7A8MoAACpu2PriFQ; Domain=bidr.io; expires=Sun, 15 May 2022 12:07:45 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Sun, 15 May 2022 12:07:45 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame A75C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6951416869364627596; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:44 GMT; path=/ PugT=1618502864; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:44 GMT; path=/
X-lat
lhrpug006:0:298
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6951416869364627596; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 562F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:45 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:45 GMT; path=/ PugT=1618502865; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:45 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:45 GMT; path=/
X-lat
lhrpug003:0:435
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 15 Apr 2021 16:07:44 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=90aJiChWHotz8CHBPo3SWpYH; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame EB61 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame 2C98 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d7cb4010657ed76b1e2efa9659203bc7d1618502863; expires=Sat, 15-May-21 16:07:43 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7rdk
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0977e2e35e00004edfc6222000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066db23e394edf-FRA
i.match
s.tribalfusion.com/z/ Frame BCAB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a5noeUsjyDymTFMcGJgby92sb8Yc2vSa3ZcHZdAxSa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:44 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d56df41745e8008d4b598a0300647ac321618502863; expires=Sat, 15-May-21 16:07:43 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=ajnseFOleq8PZabprMjaerpXrFKOKIKNfZdInSPE6FZcgHqYq0PmtA9oowux4fM6qODop27ZaGS3eHQ8fQEEJF1P; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:43 GMT; SameSite=None; Secure; ANON_ID_old=ajnseFOleq8PZabprMjaerpXrFKOKIKNfZdInSPE6FZcgHqYq0PmtA9oowux4fM6qODop27ZaGS3eHQ8fQEEJF1P; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:43 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0977e2e41800002bc2f2ae2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066db35b822bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 15 Apr 2021 16:07:43 GMT
content-type
text/html
set-cookie
__cfduid=d56df41745e8008d4b598a0300647ac321618502863; expires=Sat, 15-May-21 16:07:43 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a5noeUsjyDymTFMcGJgby92sb8Yc2vSa3ZcHZdAxSa; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:43 GMT; SameSite=None; Secure; ANON_ID_old=a5noeUsjyDymTFMcGJgby92sb8Yc2vSa3ZcHZdAxSa; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:43 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
20
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0977e2e36500002bc2d9b72000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066db238ec2bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2BDA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bsNtUEKgKG5N&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bsNtUEKgKG5N&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=DF717716-650E-4F5C-B968-55C37FF678F1; chkChromeAb67Sec=1; DPSync3=1619654400%3A201_227_226_221; SyncRTB3=1619654400%3A230_81_55_176_222_78_8_22_7_3_161_21_54_71_189_13_165_166_88_204_231_220_56%7C1619740800%3A35%7C1621036800%3A203%7C1619049600%3A15_2_223_67%7C1619308800%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:44 GMT; path=/
X-lat
lhrpug010:0:445
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-qd6vz
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=bsNtUEKgKG5N&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FE53
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11537-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618502864.849950,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 15-Apr-2022 16:07:43 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11537-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618502864.730613,VS0,VE68
x-vcl-time-ms
68
content-length
0
141
match.deepintent.com/usersync/ Frame 11A3 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 15 Apr 2021 16:07:43 GMT
server
b
receive
pixel.tapad.com/idsync/ex/ Frame 9682
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95897898&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1618502859814; TapAd_DID=b3c6cc62-9e04-11eb-b06e-82fbe4033e53; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:44 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:43 GMT; path=/
X-lat
lhrpug016:0:321
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8713
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=33F3FmUOT1y5aFXDf_Z48Q%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=66411
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 16 Apr 2021 10:34:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8713 		95 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DF717716-650E-4F5C-B968-55C37FF678F1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64066db23a311752-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0977e2e36500001752ce24d000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 8713
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:42 GMT
frontend-id
9
location
/pubmatic/1/info2?sType=sync&sExtCookieId=DF717716-650E-4F5C-B968-55C37FF678F1&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF717716-650E-4F5C-B968-55C37FF678F1&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DF717716-650E-4F5C-B968-55C37FF678F1&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF717716-650E-4F5C-B968-55C37FF678F1&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF717716-650E-4F5C-B968-55C37FF678F1&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 15 Apr 2021 16:07:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DF717716-650E-4F5C-B968-55C37FF678F1&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY3MTc3MTYtNjUwRS00RjVDLUI5NjgtNTVDMzdGRjY3OEYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug010:0:670
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOtHYelNZzNgKpg2hqL4XL8&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOtHYelNZzNgKpg2hqL4XL8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug016:0:370
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOtHYelNZzNgKpg2hqL4XL8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8713 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 14 Apr 2021 16:07:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug006:0:644
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1095297685178457468
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1095297685178457468
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug012:0:462
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1095297685178457468
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug007:0:451
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
Server
MT3 3660 495c301 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00ff6078-64cb-4100-85b9-f50803ea647b&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 16:07:46 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4462823264694872990&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4462823264694872990&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug008:0:424
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:43 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.90:80
AN-X-Request-Uuid
a198f5d1-30b2-404d-84e6-3fbdc3fc742a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4462823264694872990&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f091c0a-3530-4dd1-95fd-89ada1c252e2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f091c0a-3530-4dd1-95fd-89ada1c252e2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=43f23574-6b71-413a-8c0a-9ec7f6afaa75&user_group=1&ssp=pubmatic&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug011:0:503
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 15 Apr 2021 16:07:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
DF717716-650E-4F5C-B968-55C37FF678F1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8713 		43 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DF717716-650E-4F5C-B968-55C37FF678F1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF717716-650E-4F5C-B968-55C37FF678F1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kUmz3wlE2uXTqKuidzh1AIK1l4quW_0-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kUmz3wlE2uXTqKuidzh1AIK1l4quW_0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 15 Apr 2021 16:07:43 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 15 Apr 2021 16:07:43 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kUmz3wlE2uXTqKuidzh1AIK1l4quW_0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug017:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7717423280491194807&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7717423280491194807&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug002:0:668
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7717423280491194807&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhkzQAAHM8Z2QAC&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhkzQAAHM8Z2QAC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug019:0:388
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618502864.730395,VS0,VE0
x-served-by
cache-hhn4072-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhkzQAAHM8Z2QAC&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug020:0:790
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Apr 2021 16:07:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug017:0:351
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8713 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DF717716-650E-4F5C-B968-55C37FF678F1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4658588479070967429
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4658588479070967429
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug015:0:309
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:46 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid
bcabf587-96f3-468c-a933-7e13b6e58ad4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4658588479070967429
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8713
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug007:0:592
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4b3de8f1-b43a-4547-ab27-2a8351227b97
date
Thu, 15 Apr 2021 16:07:43 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1F57
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3Dac7e50ce-7b0a-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3Dac7e50ce-7b0a-497b-8b9f-34a47e9431dd&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502864.232727,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ac7e50ce-7b0a-497b-8b9f-34a47e9431dd&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3Dac7e50ce-7b0a-497b-8b9f-34a47e9431dd&isDirect=0
tbl-x-upstream
10.40.0.199:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21301
sd
u.openx.net/w/1.0/ Frame 1F57 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 1F57 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 1F57
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=x09m7GUqrmsz&ev=1&orig=trc&pid=562107
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=x09m7GUqrmsz&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.199:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21299

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=x09m7GUqrmsz&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-qd6vz
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 1F57
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4462823264694872990&orig=trc
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4462823264694872990&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21301

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid
2a950303-7087-4c6e-89e0-80508e184b64
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4462823264694872990&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1F57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKrt2CrfNVd62QRMKIyCP_g&google_cver=1
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKrt2CrfNVd62QRMKIyCP_g&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502864.137252,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKrt2CrfNVd62QRMKIyCP_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F57 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d:$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug008:0:398
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1F57
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1F57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502864.147373,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 1F57 		43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1F57 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-qd6vz
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1F57 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 1F57 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:47 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1F57
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4767ea6b-8d68-4fbb-a000-adcc64286794
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4767ea6b-8d68-4fbb-a000-adcc64286794
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.222:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21296

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4767ea6b-8d68-4fbb-a000-adcc64286794
cache-control
no-cache
date
Thu, 15 Apr 2021 16:07:43 GMT
server-processing-duration-in-ticks
2905
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 15 Apr 2021 00:00:00 GMT
5.gif
id5-sync.com/c/464/101/3/ Frame 1F57
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=4ac0d072-9096-4cdc-972c-dd27c573c5b9-tuct771ea4d&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO4zC1yvIqjpFCerq_Yi5t1fletNBMAE3izkgZ-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO4zC1yvIqjpFCerq_Yi5t1fletNBMAE3izkgZ-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=74e47178-c67d-473e-937b-183ef30943e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4658588479070967429&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16927336776&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=297033f4-2e48-4578-95a9-cd4d4f17c728&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/101/3/5.gif?puid=297033f4-2e48-4578-95a9-cd4d4f17c728&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/464/101/3/5.gif?puid=297033f4-2e48-4578-95a9-cd4d4f17c728&gdpr=1&gdpr_consent=
Date
Thu, 15 Apr 2021 16:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 1F57
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=KVszUAcZB26HWqeh0GR4YA
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=KVszUAcZB26HWqeh0GR4YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Thu, 15 Apr 2021 16:07:45 GMT
server
nginx
x-fastly-to-nlb-rtt
24888

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=KVszUAcZB26HWqeh0GR4YA
date
Thu, 15 Apr 2021 16:07:44 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 1F57 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 15 Apr 2021 16:06:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1F57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=0f091c0a-3530-4dd1-95fd-89ada1c252e2
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 15 Apr 2021 16:07:45 GMT
server
nginx
x-fastly-to-nlb-rtt
24036

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
date
Thu, 15 Apr 2021 16:07:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame A27A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJDMUIxRDktQjA0MS00QTdGLTlBODktNDk5MTlCMzJCM0FE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Length
0

Redirect headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug001:0:528
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Connection
keep-alive
ImgSync
image8.pubmatic.com/AdServer/ Frame 985E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0UzRENBQTItMjEyQi00MkU1LTg3NzMtQjlFMjQ2MEJGMkY4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
Content-Length
0

Redirect headers

Date
Thu, 15 Apr 2021 16:07:45 GMT
X-lat
lhrpug004:0:401
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Connection
keep-alive
bounce
ib.adnxs.com/ Frame 6F80
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.210:80
AN-X-Request-Uuid
e4898e15-ff50-4e99-877d-0a3290edb37f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.206:80
AN-X-Request-Uuid
6e15c213-6818-4028-a766-9c15c8ac9e5f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4786 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid
1bdf2e45-19b7-4516-91c5-3ae763bc47b5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 07C5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 07C5
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
tbl-x-upstream
10.41.22.84:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21301
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 07C5
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_BKQoDEXDaW5rMrV0GR4YA
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_BKQoDEXDaW5rMrV0GR4YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 15 Apr 2021 16:07:45 GMT
server
nginx
x-fastly-to-nlb-rtt
24888

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=_BKQoDEXDaW5rMrV0GR4YA
date
Thu, 15 Apr 2021 16:07:44 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 07C5 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 15 Apr 2021 16:06:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 07C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=fa59da56-e24a-42e1-89ef-befa1f2b7151
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=850b2d6e-20b5-4a69-a0a4-b4ad55d5ae0e&expires=10&ssp=taboola&bsw_param=fa59da56-e24a-42e1-89ef-befa1f2b7151
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Thu, 15 Apr 2021 16:07:46 GMT
server
nginx
x-fastly-to-nlb-rtt
23689

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fa59da56-e24a-42e1-89ef-befa1f2b7151
date
Thu, 15 Apr 2021 16:07:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 07C5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1582a6a1-40a3-...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1582a6a1-40a3-4078-8caa-5593100a009f&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502865.775862,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1582a6a1-40a3-4078-8caa-5593100a009f&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1582a6a1-40a3-4078-8caa-5593100a009f&isDirect=0
tbl-x-upstream
10.40.0.199:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
26616
sd
u.openx.net/w/1.0/ Frame 07C5
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 07C5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gwfdQ2K3QvyF&ev=1&orig=trc&pid=562107
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gwfdQ2K3QvyF&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
26616

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=gwfdQ2K3QvyF&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-wpqj7
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 07C5
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4658588479070967429&orig=trc
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4658588479070967429&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
21305

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
AN-X-Request-Uuid
c790f62f-9c14-4f40-8005-fe3d72fda9b1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4658588479070967429&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 07C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENhvI8cDpzVQe2gckvwGL2E&google_cver=1
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENhvI8cDpzVQe2gckvwGL2E&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502865.663383,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENhvI8cDpzVQe2gckvwGL2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 07C5
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Apr 2021 16:07:44 GMT
X-lat
lhrpug013:0:883
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Connection
keep-alive
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 07C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Thu, 15 Apr 2021 16:07:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1618502865.780581,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11537-HHN

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a6429d93-482e-44a2-98c9-d29478d6992a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 07C5
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 07C5 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-wpqj7
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 07C5 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 07C5 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:47 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 07C5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7d4d1cda-7e1f-4b45-b32c-1065d30a6d87
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7d4d1cda-7e1f-4b45-b32c-1065d30a6d87
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Thu, 15 Apr 2021 16:07:44 GMT
server
nginx
x-fastly-to-nlb-rtt
25374

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7d4d1cda-7e1f-4b45-b32c-1065d30a6d87
cache-control
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
server-processing-duration-in-ticks
1585
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 15 Apr 2021 00:00:00 GMT
5.gif
id5-sync.com/c/464/101/3/ Frame 07C5
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-4txmPIjGpoMa1URDbUd-Ox4Ob8p3HBIBaOFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-4txmPIjGpoMa1URDbUd-Ox4Ob8p3HBIBaOFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=74e47178-c67d-473e-937b-183ef30943e9&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4658588479070967429&opid=apx&ops=&utidl=tech:goo:CAESENsQpj0O-13Zzcmc9P3nGIQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16927336776&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=1a1a366ef5ecf2b209593665c91acd17&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=b9558095-2458-42ad-8c73-c5fbb77c248e&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/101/3/5.gif?puid=b9558095-2458-42ad-8c73-c5fbb77c248e&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/464/101/3/5.gif?puid=b9558095-2458-42ad-8c73-c5fbb77c248e&gdpr=1&gdpr_consent=
Date
Thu, 15 Apr 2021 16:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.themoscowtimes.com&rs=www.themoscowtimes.com&sid=95557&t=1618502861&cip=194.110.114.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=604626c997bd7e08ad5db135&test=&aafaid=&proto=https&uid=1618502861963-956140594381-032059-009-006646&cha=0.7&cb=9821309113&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=604626c997bd7e08ad5db135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.104.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 8713 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 15 Apr 2021 16:07:44 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 72B2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; SyncRTB3=1619654400%3A220; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; chkChromeAb67Sec=2; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; PugT=1618502865; KRTBCOOKIE_153=1923-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&19420-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&22979-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; SPugT=1618502864; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=62018
Expires
Fri, 16 Apr 2021 09:21:24 GMT
Date
Thu, 15 Apr 2021 16:07:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 72B2 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
11929204b9545484296628ec21d9b5f416e6a5eee4ae52927f6ba2d3ec64520b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ72zmsiULydp_pR8C5VsI&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ72zmsiULydp_pR8C5VsI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
X-lat
lhrpug007:0:548
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZ72zmsiULydp_pR8C5VsI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 72B2 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 14 Apr 2021 16:07:46 GMT
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame B407
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; PugT=1618502865; KRTBCOOKIE_153=1923-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&19420-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&22979-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; SPugT=1618502864; chkChromeAb67Sec=3; DPSync3=1619654400%3A226_221_201_227; SyncRTB3=1619740800%3A35%7C1619308800%3A63%7C1621036800%3A203%7C1619654400%3A56_55_176_78_21_161_88_204_231_220_3_71_7_166_13_22_81_189_5_230_54_8_165_222%7C1619049600%3A67_223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/
X-lat
lhrpug011:0:445
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Thu, 15 Apr 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
3191
x-powered-by
ASP.NET
date
Thu, 15 Apr 2021 16:07:46 GMT
content-length
205
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug007:0:533
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a6429d93-482e-44a2-98c9-d29478d6992a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668053295650009157
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668053295650009157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug004:0:526
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668053295650009157
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6726078-64d2-4000-89c4-5c47b028dbcf&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6726078-64d2-4000-89c4-5c47b028dbcf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug005:0:797
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 15 Apr 2021 16:07:49 GMT
Server
MT3 3660 495c301 master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6726078-64d2-4000-89c4-5c47b028dbcf&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 16:07:48 GMT
pubmatic
d5p.de17a.com/getuid/ Frame C17B 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.185 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-185.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4658588479070967429&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4658588479070967429&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
X-lat
lhrpug008:0:544
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:46 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid
5a06ea61-548b-4999-b1a6-74403cb39f50
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4658588479070967429&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
X-lat
lhrpug006:0:330
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3228
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMmlVN0E4TW9BQUNwdTJQcmlGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAE2iU7A8MoAACpu2PriFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8808815724829575093
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8808815724829575093&_bee_ppp=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADqK07A8MoAACrY0_5rMg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D8808815724829575093%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=8808815724829575093&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADqK07A8MoAACrY0_5rMg&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqK07A8MoAACrY0_5rMg
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqK07A8MoAACrY0_5rMg
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-4658588479070967429; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEJZ72zmsiULydp_pR8C5VsI&KRTB&22987-CAESEJZ72zmsiULydp_pR8C5VsI&KRTB&23025-CAESEJZ72zmsiULydp_pR8C5VsI; KRTBCOOKIE_188=3189-no-consent; KADUSERCOOKIE=339DE6D9-6FC3-49A5-BB15-9287AC7E23A3; SPugT=1618502866; KRTBCOOKIE_1074=22956-e_c14cf062-5ea2-4bfa-a149-9b2e955390b6; KRTBCOOKIE_107=1471-uid:qGMZEBpu1Lx4wW5; KRTBCOOKIE_27=16735-uid:e6726078-64d2-4000-89c4-5c47b028dbcf&KRTB&16736-uid:e6726078-64d2-4000-89c4-5c47b028dbcf&KRTB&23019-uid:e6726078-64d2-4000-89c4-5c47b028dbcf&KRTB&23114-uid:e6726078-64d2-4000-89c4-5c47b028dbcf; PugT=1618502867; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_391=22924-4668053295650009157&KRTB&23263-4668053295650009157
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:47 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AADqK07A8MoAACrY0_5rMg; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:47 GMT; path=/ PugT=1618502867; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:47 GMT; path=/
X-lat
lhrpug012:0:475
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADqK07A8MoAACrY0_5rMg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame EF19
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; PugT=1618502865; KRTBCOOKIE_153=1923-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&19420-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&22979-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; SPugT=1618502864; chkChromeAb67Sec=3; DPSync3=1619654400%3A226_221_201_227; SyncRTB3=1619740800%3A35%7C1619308800%3A63%7C1621036800%3A203%7C1619654400%3A56_55_176_78_21_161_88_204_231_220_3_71_7_166_13_22_81_189_5_230_54_8_165_222%7C1619049600%3A67_223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6951416869364627596; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:46 GMT; path=/ PugT=1618502866; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/
X-lat
lhrpug010:0:455
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6951416869364627596; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6951416869364627596
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug009:0:446
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:949b5f09-af4d-462e-9730-80b75558014e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Apr 2021 16:07:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
X-lat
lhrpug013:0:594
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 5712
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; PugT=1618502865; KRTBCOOKIE_153=1923-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&19420-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W&KRTB&22979-TuHkSE7lsBNV4-dDQLf-SE7o5BNV5-ZGTLU6fL7W; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; SPugT=1618502864; chkChromeAb67Sec=3; DPSync3=1619654400%3A226_221_201_227; SyncRTB3=1619740800%3A35%7C1619308800%3A63%7C1621036800%3A203%7C1619654400%3A56_55_176_78_21_161_88_204_231_220_3_71_7_166_13_22_81_189_5_230_54_8_165_222%7C1619049600%3A67_223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:46 GMT; path=/ PugT=1618502866; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/
X-lat
lhrpug007:0:516
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 15 Apr 2021 16:07:46 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90aJiChWHotz8CHBPo3SWpYH
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5872126167561975729
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5872126167561975729
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug012:0:291
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 16:07:46 GMT
X-Proxy-Origin
194.110.114.148; 194.110.114.148; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid
24266532-1ca3-4e7e-8a32-0d23ee3fb384
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5872126167561975729
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge
cm.adgrx.com/ Frame 16E9 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c14cf062-5ea2-4bfa-a149-9b2e955390b6
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c14cf062-5ea2-4bfa-a149-9b2e955390b6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
X-lat
lhrpug004:0:497
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c14cf062-5ea2-4bfa-a149-9b2e955390b6
date
Thu, 15 Apr 2021 16:07:46 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
dpe
ad4m.at/ad/ Frame 9551 		42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d7f9f32d71347f3009917fa9fd49905b51618502866; expires=Sat, 15-May-21 16:07:46 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-2tzg
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0977e2ee6500004edf0b139000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066dc3deef4edf-FRA
i.match
s.tribalfusion.com/z/ Frame 04E4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aMnoeUR3YWy7UXuTwbOHMRP9beNTFVFEFrZdJAAx5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d4f1d7bafb21deb907b00de2af1b09ed91618502866; expires=Sat, 15-May-21 16:07:46 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aOnseFSyZaRGRT8vnQXfPm2VSnn5EuZcuJZdgNUm7crsZckrjfSrYQIsZcTMXdAbkI0qoNZcynFBWKjEXsnIO8nkjk; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:46 GMT; SameSite=None; Secure; ANON_ID_old=aOnseFSyZaRGRT8vnQXfPm2VSnn5EuZcuJZdgNUm7crsZckrjfSrYQIsZcTMXdAbkI0qoNZcynFBWKjEXsnIO8nkjk; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:46 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0977e2ef0d00002bc21829e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066dc4e9dd2bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 15 Apr 2021 16:07:46 GMT
content-type
text/html
set-cookie
__cfduid=d4f1d7bafb21deb907b00de2af1b09ed91618502866; expires=Sat, 15-May-21 16:07:46 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aMnoeUR3YWy7UXuTwbOHMRP9beNTFVFEFrZdJAAx5; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:46 GMT; SameSite=None; Secure; ANON_ID_old=aMnoeUR3YWy7UXuTwbOHMRP9beNTFVFEFrZdJAAx5; path=/; domain=.tribalfusion.com; expires=Wed, 14-Jul-2021 16:07:46 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
156
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0977e2ee6a00002bc2e492a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64066dc3df772bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 6DA0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=acpcSAuIR0TY&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=acpcSAuIR0TY&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_1101=23040-6951416869364627596; KRTBCOOKIE_218=22978-YHhkzQAAHM8Z2QAC&KRTB&23194-YHhkzQAAHM8Z2QAC&KRTB&23209-YHhkzQAAHM8Z2QAC&KRTB&23244-YHhkzQAAHM8Z2QAC; KRTBCOOKIE_391=22924-1095297685178457468&KRTB&23263-1095297685178457468; KRTBCOOKIE_22=14911-7717423280491194807; KRTBCOOKIE_1074=22956-e_4b3de8f1-b43a-4547-ab27-2a8351227b97; KADUSERCOOKIE=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8; KRTBCOOKIE_377=6810-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&22918-a6429d93-482e-44a2-98c9-d29478d6992a&KRTB&23031-a6429d93-482e-44a2-98c9-d29478d6992a; KRTBCOOKIE_27=16735-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&16736-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23019-uid:00ff6078-64cb-4100-85b9-f50803ea647b&KRTB&23114-uid:00ff6078-64cb-4100-85b9-f50803ea647b; KRTBCOOKIE_466=16530-0f091c0a-3530-4dd1-95fd-89ada1c252e2; KRTBCOOKIE_1235=23226-4531f30c-5ec6-477a-9cea-f5e2f017dfa1-tuct771ea4e:$UID; KRTBCOOKIE_409=22966-90aJiChWHotz8CHBPo3SWpYH; KRTBCOOKIE_57=22776-4462823264694872990; KRTBCOOKIE_80=16514-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&22987-CAESEOtHYelNZzNgKpg2hqL4XL8&KRTB&23025-CAESEOtHYelNZzNgKpg2hqL4XL8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_699=22727-AAE2iU7A8MoAACpu2PriFQ; SPugT=1618502864; chkChromeAb67Sec=3; DPSync3=1619654400%3A226_221_201_227; SyncRTB3=1619740800%3A35%7C1619308800%3A63%7C1621036800%3A203%7C1619654400%3A56_55_176_78_21_161_88_204_231_220_3_71_7_166_13_22_81_189_5_230_54_8_165_222%7C1619049600%3A67_223_15_2; KRTBCOOKIE_153=1923-89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e&KRTB&19420-89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e&KRTB&22979-89dK-PPTGfLo30yi8tRQ8_HWTvPo1x_38NfpwH4e; PugT=1618502866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/
X-lat
lhrpug003:0:612
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-wpqj7
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=acpcSAuIR0TY&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 327D
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 15 Apr 2021 16:07:46 GMT
via
1.1 varnish
x-served-by
cache-hhn11537-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618502867.683742,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 15-Apr-2022 16:07:46 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1d5a4d6c-3894-4d6a-a4a1-fd67d7f3aacd-tuct771ea4f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 15 Apr 2021 16:07:46 GMT
via
1.1 varnish
x-served-by
cache-hhn11537-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618502867.565994,VS0,VE67
x-vcl-time-ms
67
content-length
0
141
match.deepintent.com/usersync/ Frame 3BF1 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 15 Apr 2021 16:07:46 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame 4467
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1618502866643; TapAd_DID=b7d8d233-9e04-11eb-8555-f6e4a19aaf0f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 15 Apr 2021 16:07:46 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1618502866643;Expires=Mon, 14 Jun 2021 16:07:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b7d8d233-9e04-11eb-8555-f6e4a19aaf0f;Expires=Mon, 14 Jun 2021 16:07:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame EC4E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qGMZEBpu1Lx4wW5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qGMZEBpu1Lx4wW5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=9346874&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_57=22776-4658588479070967429; PugT=1618502866; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEJZ72zmsiULydp_pR8C5VsI&KRTB&22987-CAESEJZ72zmsiULydp_pR8C5VsI&KRTB&23025-CAESEJZ72zmsiULydp_pR8C5VsI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:qGMZEBpu1Lx4wW5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/ PugT=1618502866; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 16:07:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 16:07:46 GMT; path=/
X-lat
lhrpug008:0:348
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 15 Apr 2021 16:07:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qGMZEBpu1Lx4wW5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=qGMZEBpu1Lx4wW5; Domain=.w55c.net; Expires=Sun, 15-May-2022 16:07:46 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 15-May-2021 16:07:46 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 72B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fj3KoiErQuWHc7niRgvy-A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=66408
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 16 Apr 2021 10:34:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 72B2 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64066dc41df31752-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0977e2ee92000017525a8c4000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 72B2 		42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:44 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 15 Apr 2021 16:07:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
sync
x.bidswitch.net/ul_cb/ Frame 72B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=fa59da56-e24a-42e1-89ef-befa1f2b7151&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=573298112785&expires=30&user_group=1&ssp=Pubmatic
date
Thu, 15 Apr 2021 16:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
7E3DCAA2-212B-42E5-8773-B9E2460BF2F8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 72B2 		43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7E3DCAA2-212B-42E5-8773-B9E2460BF2F8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 16:07:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZiuAlrpE2uUscgm87819cH4cT2nrk2M-~A&gdpr=0&gdpr_consent=
0
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZiuAlrpE2uUscgm87819cH4cT2nrk2M-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 15 Apr 2021 16:07:46 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 15 Apr 2021 16:07:46 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZiuAlrpE2uUscgm87819cH4cT2nrk2M-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882678080082226794&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882678080082226794&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug013:0:414
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882678080082226794&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 72B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhk0gAAHn9HMgBg&gdpr=0&gdpr_consent=&_test=YHhk0gAAHn9HMgBg
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhk0gAAHn9HMgBg&gdpr=0&gdpr_consent=&_test=YHhk0gAAHn9HMgBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 16:07:47 GMT
X-lat
lhrpug012:0:554
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618502867.078925,VS0,VE0
x-served-by
cache-hhn4072-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHhk0gAAHn9HMgBg&gdpr=0&gdpr_consent=&_test=YHhk0gAAHn9HMgBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 72B2 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7E3DCAA2-212B-42E5-8773-B9E2460BF2F8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 16:07:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 72B2 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Thu, 15 Apr 2021 16:07:47 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:48 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 16:07:48 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=6e6204e5ca60dc41f216a9e2&gdpr=1&gdpr_consent=
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4b3de8f1-b43a-4547-ab27-2a8351227b97&obuid=ENC(Z1Fnu1hSrhW8g60fwFdQrMJg6z3mSQzXljiCviAjNOg_22YxzImEbUiHYVYGzmFn)

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| OneSignal object| _sf_async_config object| gptadslots object| googletag object| __connect function| $ function| jQuery object| webpackJsonpnewsletter object| _cb_shared object| ggeac object| google_js_reporting_queue object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| scCGSHMRCache object| regeneratorRuntime object| _cbm object| gaplugins function| globalYellowInstance function| define object| gaGlobal object| gaData object| $mcSite function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| setImmediate function| clearImmediate object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| cintvls object| google_image_requests object| avntsWebpackJsonp number| avnts_player object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| com function| _avcp object| storageAni

9 Cookies

Domain/Path Name / Value
.themoscowtimes.com/ Name: _dc_gtm_UA-4186815-1
Value: 1
.themoscowtimes.com/ Name: _gid
Value: GA1.2.2141527805.1618502858
.themoscowtimes.com/ Name: _ga
Value: GA1.2.2122645519.1618502858
.themoscowtimes.com/ Name: _fbp
Value: fb.1.1618502858012.830181732
.themoscowtimes.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
www.themoscowtimes.com/ Name: _cb_svref
Value: null
www.themoscowtimes.com/ Name: _cb
Value: 4WgjD-Lsi2C8Y6VZ
www.themoscowtimes.com/ Name: _chartbeat2
Value: .1618502857873.1618502857873.1.1hukIBc-WOhB8EGSZgCPWGBIyUF9.1
www.themoscowtimes.com/ Name: _cb_ls
Value: 1

6 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=3028801618502858554(Line 30)
Message:
%c [object HTMLImageElement]
console-api log URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9401371618502858550(Line 30)
Message:
%c [object HTMLImageElement]
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.themoscowtimes.com/2021/04/15/explainer-why-is-the-us-sanctioning-russia-and-what-impact-will-it-have-a73607
console-api log URL: https://likevertising.com/async_usersync?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=8239531618502858817(Line 6)
Message:
element .item-label-href arrived

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02fe63a02ac48c7c2ed21fbd1088323d.safeframe.googlesyndication.com
2835a58e821ed6e5b685ccc18ed52a30.safeframe.googlesyndication.com
977a1f8f642d509cb92dda88d9e161c6.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.creative-serving.com
ads.playground.xyz
ads.projectagoraservices.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.pl
ampcid.google.com
ampcid.google.de
aorta.clickagy.com
ap.lijit.com
aud.pubmatic.com
avm.avantisvideo.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
cdn-adtrue.com
cdn.adtrue.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.onesignal.com
cdn.taboola.com
cdn1.avantisvideo.com
ce.lijit.com
chimpstatic.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
code.jquery.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
content.avantisvideo.com
cookie-matching.mediarithmics.com
creativecdn.com
cs.emxdgt.com
d.turn.com
d5p.de17a.com
data.adsrvr.org
dis.criteo.com
dsp.adfarm1.adition.com
e1.emxdgt.com
eu-u.openx.net
events.avantisvideo.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gslbeacon.lijit.com
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
likevertising.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
play.aniview.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora.net
projectagoralibs.com
ps.eyeota.net
pubmatic-match.dotomi.com
pxdrop.lijit.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.c.appier.net
s.tribalfusion.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
static.avantisvideo.com
static.chartbeat.com
static.criteo.net
static.themoscowtimes.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.1rx.io
tg.socdm.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
vap6ams1.lijit.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.themoscowtimes.com
www.who.int
x.bidswitch.net
pixel-us-east.rubiconproject.com
prg.smartadserver.com
sync.outbrain.com
ums.acuityplatform.com
104.111.233.227
108.129.18.26
124.146.215.44
13.225.87.28
141.226.228.48
142.250.185.66
142.250.74.194
151.101.113.108
151.101.114.49
154.59.122.79
159.253.128.183
169.197.150.7
172.105.221.29
178.250.2.131
178.250.2.151
178.62.202.251
18.158.182.200
18.185.0.221
18.185.192.106
18.185.197.81
18.192.15.110
18.195.155.181
18.206.143.246
185.184.8.30
185.29.133.199
185.64.189.112
185.64.189.114
185.64.189.216
185.64.189.249
185.64.190.78
185.64.190.80
185.86.137.131
185.94.180.124
192.132.33.46
193.0.160.128
193.122.130.38
198.148.27.140
199.232.137.44
2.16.107.18
2.18.233.180
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.150
213.19.147.151
213.19.147.210
216.52.2.19
216.52.2.30
23.111.9.35
23.32.243.206
23.55.110.204
2600:9000:20e8:6600:18:1fcd:34e:d2a1
2606:4700:10::ac43:607
2606:4700:10::ac43:db6
2606:4700:20::681a:a19
2606:4700:20::ac43:4a81
2606:4700:3035::6815:2f1c
2606:4700::6811:70bc
2606:4700::6812:c05
2606:4700::6812:e134
2606:4700:e0::ac40:6e08
2606:4700:e0::ac40:6f04
2607:f8b0:4004:807::2002
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:120::211:78e9
2a02:26f0:6c00::210:ba12
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:bb91
2a02:26f0:7100:1b6::2c79
2a02:fa8:8806:12::1400
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
2a04:4e42:1b::714
3.126.56.137
3.127.178.105
3.219.93.236
3.225.15.51
34.251.130.56
34.253.109.165
34.98.107.212
35.158.172.137
35.166.225.195
35.168.104.13
35.174.135.52
35.201.96.126
35.210.239.72
35.210.53.219
35.227.248.159
35.244.159.8
37.157.2.236
37.252.172.38
37.252.173.27
46.228.164.13
51.75.15.106
51.89.20.87
52.209.7.203
52.215.237.248
52.28.254.214
52.37.176.195
52.57.243.4
52.72.174.10
52.95.118.60
54.154.158.183
54.214.163.233
54.234.118.98
63.251.232.170
64.202.112.159
65.9.66.84
66.155.71.149
69.173.144.139
69.173.144.140
77.243.60.138
85.114.159.118
94.23.171.206
95.215.189.11
95.215.189.12
99.83.181.31
99.84.156.117
99.84.156.122
99.84.156.3
99.84.156.48
04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee
04f0ae81b59effb69993db3673a80a0b15d9f919f3df2a630b36dd81460721a1
0a3ccdc2e37592452acf2a9542e98903fa5fd0780f8467df3c63ef5f7755c5a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0e8c6fdc527e520487e90b0bc954267fe827c1bc09614da1e734b5783c15f693
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11929204b9545484296628ec21d9b5f416e6a5eee4ae52927f6ba2d3ec64520b
13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90
183b3328288a687248f1ac3a87bccec303b628997bec28100ef0034366a193ca
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19d369fff4dc6ddd8e43c287f018fbf87cd4ae2f987080df89dea5967f2838f6
1b74fc3666be448b57191d1b21d896316748bd0b311eb01e344f2f90d8237954
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68
1c4c5f95ac39592247ba98f6be4c5124d948da7e1ec8210c0e26ec1ad0b9c87f
1cfee043979f75654901789b9c10ded17e85982acd6a66e21614c36949d85fc6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
206bf243e0b1ba7ef7435675de712d76c920dc8b2f1c6799f1ba89d2986e2e20
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
226215b1b2658cf385937e2935524a1a926c0f8ca7ff6ce21b09ef7f3de61f20
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
234d48220a4763b35e1ad644dba7c68f5119ce179153535f60a20297f3558caa
236ddfb4c7ba17cb430dd68df496bb75143ccfc0a178367056b35605ef0160a0
251117e0b7ab6fab6a206a2f30abaee6cb60b5e88e5aa8c213dff426c0131e48
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269eb85c158413a8e1c036fc2f3aa2360f35cdc4999234028be80b94e9ec2389
26b4e73ffd535f79b0a83d7f845e10a5f90848743309f0dfa61f214bf4cb0410
29bdcf9b0e0ef668ecf8a3cace6a54c949a2a1ef20a93ea04b88728ed190a9f8
2b9984e4598bd8474271eb63089a18a228385230df78d0943789cbf30067bccf
2d2fd5c206948b85731f955339475f7324634c77e329df40d4e5081cd717862f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34b165d9cdfcd24c7b73f0c195f1d87607224bddf3131eecc013c5c7bd6e178c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36177f96b96ff11c802d5ae7813f3a35c9e1f25d4133e92ba4fba6d80c4d6baf
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38ca5bb466ab20bdcc8e3c25703c5a703f65708d6b122ad591da50a987a416c8
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eadaff3c3d89ebf2637205f2b04ff72fd17626274cc120f663c5b5d2c4b97b1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
3fd54b4388f4d46c57f1ea0452307f0b54841d4e3ca1320a0408da973765acdc
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42a2dfdd25e18def68333ed214a93ad8d514eb9de89064ee93b368f8d082d943
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
435fce0c565a910b4c89789482dbd05452bd867bf5a497a253b4d74f65cc8793
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
4663ab292093f1473e98233fed0c2390c3466d19833603e6354f4d3d067065cb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4d5e8667edc2c8b5f448fdd68f3305b070e34b7ef53bd3c2ae60c5c0d4d6985b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e34610f5a0a557d77aa519657a091b85d3331bce138acfec741202f1a9a4859
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4e876999364c8ee0d92070fa9fd53487079f9b05852cb7f0083f9759c61185
4f5ebf864c44278b720f67481dee547d7d65f1f63906ad836c3157b6d3d09fc0
518b76ad95502ba636b444205d27674749f915eb19173e249ce44ff64871a9cd
51d2ca3e2554c558c0638095a604a4a3cdc1a914ca9a5f0ace149245b76804c3
52b5333331d3d0a43ed43e779f2885d37d0ac62af22b15988a4fda90bee8a6ca
5325781b1a73ef6f6d0b3e0b9eea6503d647a60400f4951e0eaf566de60fa21f
53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
582f12576639581f59fe7f9348c7437a025b96f469ef18da0afcc89783a1cfc7
58314e3fda02e5543d16c3f5301a5b24267c27a8dc80e1130b7f2f367e217527
58d161230565c03be873118b031f8c71008ae636357dbf65c5bf2a0c95a0cf90
592e6151235c518829bb5f95476ef30fd3371e65513dd5142665dea292beb1dc
5af48986a5dc10670cc6f4c69c96555b0c28515cb6d52f9e8ee5a4ecfad2674d
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e20480a6db05edcb97721f4b34f3ab0f7d7ad532dedc10d3da60b2b7a29810b
5e99d74099ae4fae91197bab22db6eed8d45ff5943038978d542a3649c5a6457
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
634dd91458544691251bae12100517f9ed0792d901be6d537b1da0ad8703c0f0
63cf17777eabe94ea1dacaf9cd2edd1e562f2ea752aa9360b522b1db128e41f4
6699654f54ef8aac4a5cb821dc21fd2bc3fd5266abf7373859d0c3b4235253ef
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a44adae82a577111a4db7ae22090f499a0db93fea35186ad6bfbedafc8e4465
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae86cd94a73128274286ed932f05602f19ee7ad9d1af92d4a3b58f9774a9bfc
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6ef661a7a13e747575b380cc11d6ba532098d100611e3aa7cf1cdef8535a33a8
6f6c910971dd5b42c99835ff5e3d6dcdba3eb9735368bfbefdeeab88c45d5abc
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
706f2859ab8219f2253ca9574296d2797c3d63287b7786d861d71a2def8ab26a
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
7556de5c323364dea5dd5fe782dddeb9fe1686dcb25ea6b2f00abd60d7f7368b
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df
77624c129e78ead8e8729c795ddf069248873e6436881e4ce54372c842b90b9b
77df43ae55217a813e454dc4c2150a09133150cd50a33de0603623c15966d57b
7cbcd2ca3f23fb96debbd6ac83e3eb9a45bbe793d205b78c0c7d8b26ae8fc604
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
8131304acd451d215aca437deaf4c49f2eba153c7ee2f8f1ae264259d573e225
81c6252fcdefa91de8fe4774beb814434f984e06563ffe512fc9ee24b75c4afc
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86fcf33dad06e2c94c8b6d0800075eeb09a286c01837329da371da7d859dabf8
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f886d768ffdd37ab70cdba442ba7564cde648fd5dbe337c424bc0668800da64
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
9338eb6ad8a3545a6f38b86db25299e63ac8f1f9ba3f2ffa86d76d3f67abf76a
94f5cda81f68f1844062663655ea584aafcb3e86e5eb6c668220b9d1ed32e39c
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
9e187dfd6bb0e777360c81c9b81bc219d946374a2d3ef4cf3568977e5b4fec08
9fe24a2397a0d32da09b39ce206a71135e1ad681272cf1955f7711565ff7f419
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a21374a3f8e02566ede77b6371937fcf2869587e01b38389552193a4ff9ef56c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e865414004d708dead6c9b2a68312cec3df1151c9e2344f4854b075ae10242
a644390d96126d131ad2d9daa1a7953f5d3faf53e0b24a0d9e918b84703b1a18
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a86a8a62510fc21f54b9969285bc064698b8d5339d7265492995dd7faca45d6a
aaefa0119ba97e24147815602c2fa989f60bd3a861fa70c5309f3e842a5e35c9
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
afd1c1f9d92ef486428f1ee5c447cde0899638d5592faf1db8f4297fbc60bd1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b
b54654d9006f14c2f336e72c56029a98c2eb6369c85a5aa0594d0b7c8dbc1a95
b5c9e4876832936836619c0b253bd8fd6c739560a6d5f287f51ac71b2edf7ae9
b5e79dfc3cc2e6761bd48ef732edccaa93e64b3e67837499a4dfc0a833e1ae5a
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92
bab6f5488c2590937d75e8bd2123d8c7ce4bac9efac2aeb3c49233bc064701c1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcfd592fabb7a4441be50809247b946279fbcf03c730fd66b553a37f2ffb9174
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
c15577ceeb31161c66bc1969e8cc695f061de962872a8c3f035580aec80246f7
c3570ae88476bb431d9f71bac86729278a3acc6eecdb7563b620203c43b4f632
c3e5a368da9dac220bf51ddb67f4e274d114bb6071d8f9460901b991e9b0b8a6
c4a860a38885b7b7b6536fd9394ff66499092b651f172b4ed01f2574f5c8322f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c623e82418aeacccf4b6feed6c69d7aeab0f81ae791e91eb448b8f61a50671c7
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245
c8e578a150f241f400536783c6dae03df92f2f92776b8c87cbdef59144dcb0ce
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcac3c98cf9658fbaa2ccbd75656668ed9338059ce94fac4b50c48c10f3e90e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd88e10d158ea10eacf7ed3099428e31b980b61386aac3ea56e0fe915691a459
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d04e1b523b6859a23df2b817c52f57807d168e5be2a36d4cf839f22483eadbb6
d471fca96620458724db33f0271e221a6117003d4ffb473a472046cff5eae2b8
d4bbadb02b3e9b2acfbb98b995dd69ae411019815c85d5ae1b06efffc9721e4c
d5295c97529e9d7a0304c2e17eae16173ea2417661479ff80b35da151390fbbf
d7032bca089ded934885262dd86ef3b6381b6a039f00f7644b8699864e995374
d72383943dcb17a866117a8a638e54e5c88cdf6527212d662b255686d1f507a0
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
dadc9f0a4dca0fa168d74b72947308f9c1d2986bcb16626d68fb8fbe83969fcc
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e2f8cd876768e15cdc9167bdff85d98e23c6e419c33df986cb91678613e542e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e061c6100d6a01b6ffbd122023100cce78ac39cce419887df22e209ce3807
e594c12dd290f3f33452c1709c242b6d4fed04ba028e5a47d0856a766ebd9be8
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ebb9ccd7e633b6add76b5839940681d91b486e8e37f8e9a4709f15904b768175
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b3e556c347b4b792d6a6216a3a90c461175d0e3d41c4b60079e4201eb33dd3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8ca71efa8f9823626b975330f1cd7dde8163230fba36ba1ccf8bf9182ea46cb
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
faa29af882ddfc0fc714ab1287771fe2d94452b0ed1d6c5d8fc830312860f52e
fae6da6065d3dc40129e76b38b29922e9f32cb683c1eea074dd004ae0c42329a
fc8910a12a56baa8d399a29ea83ff9d09e9326cd7a38be03892a0333df79c931
fcfb2967769ae00c7c9024bf6d7765adb7aa7bea15db5a9b3c3213ba45b92907
feea4902784ecb3c8c5e08477106ca21ec77628933e61f6f69456f97d20e4d73