www.rt.com Open in urlscan Pro
2604:9a00:2100:a017::179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Submission: On August 10 via api (August 10th 2021, 3:36:40 pm UTC) from US

Summary HTTP 266 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 50 domains to perform 266 HTTP transactions. The main IP is 2604:9a00:2100:a017::179, located in United States and belongs to LEASEWEB-USA-WDC, US. The main domain is www.rt.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 11th 2021. Valid for: a year.

This is the only time www.rt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2604:9a00:210... 2604:9a00:2100:a017::179	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
44	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	() ()
2 3	2606:4700::68... 2606:4700::6810:7caf	() ()
1 2	2a02:6b8::1:119 2a02:6b8::1:119	() ()
3	2a00:1450:400... 2a00:1450:4001:80f::200e	() ()
1	2a00:1450:400... 2a00:1450:4001:800::2003	() ()
36	151.101.13.44 151.101.13.44	() ()
1	2a00:1450:400... 2a00:1450:4001:802::2003	() ()
1 4	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	185.79.236.168 185.79.236.168	200928 (RTTV) (RTTV)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2004	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2003	() ()
15	136.243.217.162 136.243.217.162	24940 (HETZNER-AS) (HETZNER-AS)
2	13.224.96.76 13.224.96.76	16509 (AMAZON-02) (AMAZON-02)
1 8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 3	54.192.219.37 54.192.219.37	() ()
2	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.204 88.212.201.204	() ()
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
8	18.224.231.234 18.224.231.234	16509 (AMAZON-02) (AMAZON-02)
12	13.224.96.37 13.224.96.37	16509 (AMAZON-02) (AMAZON-02)
4	136.243.42.249 136.243.42.249	24940 (HETZNER-AS) (HETZNER-AS)
2	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6	13.224.92.56 13.224.92.56	16509 (AMAZON-02) (AMAZON-02)
13	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
9	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400f:807::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	65.9.71.76 65.9.71.76	16509 (AMAZON-02) (AMAZON-02)
2	52.84.45.48 52.84.45.48	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.226 185.29.135.226	() ()
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	() ()
3 3	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
7 15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.110 185.64.189.110	() ()
2 4	141.226.228.48 141.226.228.48	() ()
1 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	() ()
1 1	178.250.2.151 178.250.2.151	() ()
3 3	3.126.15.128 3.126.15.128	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2 2	18.195.66.88 18.195.66.88	16509 (AMAZON-02) (AMAZON-02)
1	75.101.244.20 75.101.244.20	14618 (AMAZON-AES) (AMAZON-AES)
3 4	13.248.245.213 13.248.245.213	() ()
2	2a00:1450:400... 2a00:1450:4001:80e::2002	() ()
3 5	2.18.234.21 2.18.234.21	() ()
3 4	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a04:4e42:3::300 2a04:4e42:3::300	() ()
2	142.250.186.34 142.250.186.34	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2006	() ()
1	141.226.224.32 141.226.224.32	() ()
1 2	2606:4700::68... 2606:4700::6812:c05	() ()
1	66.155.71.149 66.155.71.149	() ()
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	13.32.22.75 13.32.22.75	() ()
2	54.192.216.62 54.192.216.62	() ()
266	66

6 2604:9a00:2100:a017::179 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

www.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdnen.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdni.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN- ()

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 151.101.13.44 (Frankfurt am Main, Germany)

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.79.236.168 (Russian Federation)

ASN200928 (RTTV, RU)

nbc.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
socialstat.rt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 136.243.217.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi1-1.sfa50.mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-76.zrh50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ruptly-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.219.37 (United States) 1 redirects

ASN- ()
PTR: server-54-192-219-37.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN- ()
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.224.231.234 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-231-234.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.96.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net

widget.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.42.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sm-server1-1.sfa51.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.92.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-92-56.zrh50.r.cloudfront.net

api-widget.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.76 (United States)

ASN16509 (AMAZON-02, US)

wave.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.45.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-48.mrs52.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.247 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands) 2 redirects

ASN- ()

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.15.128 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-15-128.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.66.88 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-66-88.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.245.213 (United States) 3 redirects

ASN- ()
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN- ()
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN- ()

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN- ()
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.75 (United States)

ASN- ()
PTR: server-13-32-22-75.fra56.r.cloudfront.net

context.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.216.62 (United States)

ASN- ()
PTR: server-54-192-216-62.mrs52.r.cloudfront.net

l9bjkkhaycw6f8f4.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	rt.com www.rt.com cdnen.rt.com nbc.rt.com socialstat.rt.com cdni.rt.com	737 KB
44	taboola.com 2 redirects cdn.taboola.com trc.taboola.com il-trc-events.taboola.com sync.taboola.com sync-t1.taboola.com match.taboola.com pips.taboola.com cds.taboola.com images.taboola.com 15.taboola.com vidstat.taboola.com imprammp.taboola.com c3.taboola.com	813 KB
30	doubleclick.net 7 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	207 KB
23	googlesyndication.com pagead2.googlesyndication.com 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com tpc.googlesyndication.com	585 KB
21	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	1 MB
16	sndcdn.com widget.sndcdn.com wave.sndcdn.com i1.sndcdn.com	790 KB
15	mixi.media mixi.media static.mixi.media target.mixi.media static3.mixi.media static7.mixi.media static4.mixi.media static5.mixi.media static8.mixi.media static1.mixi.media	190 KB
10	soundcloud.com w.soundcloud.com api-widget.soundcloud.com l9bjkkhaycw6f8f4.soundcloud.com	15 KB
8	openx.net 1 redirects ruptly-d.openx.net eu-u.openx.net us-u.openx.net u.openx.net	59 KB
6	google.com www.google.com adservice.google.com	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	3lift.com 3 redirects eb2.3lift.com	2 KB
4	googletagservices.com www.googletagservices.com	127 KB
4	googleapis.com imasdk.googleapis.com	690 KB
4	stat.media stat.media	29 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	adform.net 3 redirects c1.adform.net	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	unpkg.com 2 redirects unpkg.com	4 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com	700 B
2	google.se adservice.google.se	975 B
2	2mdn.net s0.2mdn.net	101 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	704 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	tru.am tru.am beacon.tru.am	11 KB
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	yandex.ru 1 redirects mc.yandex.ru	840 B
1	iris.tv context.iris.tv	578 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	postrelease.com jadserve.postrelease.com	427 B
1	clientgear.com 1 redirects event.clientgear.com	262 B
1	criteo.com 1 redirects dis.criteo.com	568 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	contextweb.com bh.contextweb.com	406 B
1	pubmatic.com simage2.pubmatic.com	546 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	google.de www.google.de	107 B
1	googletagmanager.com www.googletagmanager.com	50 KB
0	netmng.com Failed google2waycm.netmng.com Failed
0	tapad.com Failed pixel.tapad.com Failed
266	50

	Domain	Requested by
35	cdnen.rt.com	www.rt.com cdnen.rt.com
15	cm.g.doubleclick.net	7 redirects eu-u.openx.net googleads.g.doubleclick.net 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
14	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	images.taboola.com	www.rt.com vidstat.taboola.com
12	widget.sndcdn.com	w.soundcloud.com widget.sndcdn.com
9	vid.connatix.com	cd.connatix.com
9	cdni.rt.com	www.rt.com
9	cdn.taboola.com	www.rt.com cdn.taboola.com
8	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net www.rt.com www.googletagservices.com
8	capi.connatix.com	cd.connatix.com
7	tpc.googlesyndication.com	www.rt.com securepubads.g.doubleclick.net tpc.googlesyndication.com 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	mixi.media	www.rt.com static.mixi.media
6	api-widget.soundcloud.com	widget.sndcdn.com
6	trc.taboola.com	cdn.taboola.com
6	www.rt.com	www.rt.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	eb2.3lift.com	3 redirects
4	www.googletagservices.com	securepubads.g.doubleclick.net 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com www.rt.com
4	eu-u.openx.net	1 redirects ruptly-d.openx.net eu-u.openx.net
4	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	stat.media	mixi.media stat.media
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	2 redirects eu-u.openx.net
3	c1.adform.net	3 redirects
3	sb.scorecardresearch.com	1 redirects cdnen.rt.com www.rt.com
3	www.google-analytics.com	www.rt.com www.google-analytics.com www.googletagmanager.com
3	unpkg.com	2 redirects www.rt.com
2	l9bjkkhaycw6f8f4.soundcloud.com	widget.sndcdn.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com www.rt.com
2	rtb.mfadsrvr.com	2 redirects
2	sync-t1.taboola.com
2	ce.lijit.com	1 redirects
2	sync.taboola.com	2 redirects
2	pixel.rubiconproject.com	1 redirects
2	us-u.openx.net	eu-u.openx.net
2	i1.sndcdn.com	w.soundcloud.com
2	wave.sndcdn.com	widget.sndcdn.com
2	459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.se	securepubads.g.doubleclick.net
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	s0.2mdn.net	imasdk.googleapis.com 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
2	il-trc-events.taboola.com	www.rt.com
2	www.tns-counter.ru	1 redirects www.rt.com
2	counter.yadro.ru	1 redirects www.rt.com
2	w.soundcloud.com	cdnen.rt.com
2	www.google.com	www.rt.com tpc.googlesyndication.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	cds.connatix.com	www.rt.com cd.connatix.com
2	fonts.gstatic.com	cdnen.rt.com
2	mc.yandex.ru	1 redirects www.rt.com
1	context.iris.tv	www.rt.com
1	c3.taboola.com
1	imprammp.taboola.com	www.rt.com
1	15.taboola.com	cdn.taboola.com
1	dsp.adfarm1.adition.com	1 redirects
1	pixel-sync.sitescout.com	459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
1	s.tribalfusion.com	459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	jadserve.postrelease.com
1	u.openx.net
1	match.taboola.com
1	event.clientgear.com	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	rtb-csync.smartadserver.com
1	bh.contextweb.com
1	simage2.pubmatic.com
1	static1.mixi.media	www.rt.com
1	static8.mixi.media	www.rt.com
1	static5.mixi.media	www.rt.com
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	img.connatix.com	www.rt.com
1	static4.mixi.media	www.rt.com
1	static7.mixi.media	www.rt.com
1	static3.mixi.media	www.rt.com
1	target.mixi.media	www.rt.com
1	static.mixi.media	mixi.media
1	beacon.tru.am	tru.am
1	tru.am	cdnen.rt.com
1	ruptly-d.openx.net	cdnen.rt.com
1	socialstat.rt.com	cdnen.rt.com
1	www.google.de	www.rt.com
1	nbc.rt.com	cdnen.rt.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cd.connatix.com	1 redirects
1	www.googletagmanager.com	www.rt.com
0	google2waycm.netmng.com Failed	459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
0	pixel.tapad.com Failed
266	95

This site contains links to these domains. Also see Links.

Domain
arabic.rt.com
actualidad.rt.com
russian.rt.com
de.rt.com
francais.rt.com
rtd.rt.com
ruptly.tv
en.shop-rt.com
t.me
www.facebook.com
twitter.com
www.youtube.com
instagram.com
rumble.com
on.rt.com
popup.taboola.com
www.postfun.com
tmbvt.com
www.readbakery.com
www.topp5svenskadejtingsajter.se
swappie.com
thechefpick.com
mixi.media
soundcloud.com

Subject Issuer	Validity	Valid
*.rt.com GeoTrust RSA CA 2018	`2021-05-11` - `2022-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
mixi.media R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
static.mixi.media R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
stat.media R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
target.mixi.media R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
iris.tv Amazon	`2020-10-10` - `2021-11-10`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Frame ID: 0BF480A4AE91ABD91E1A01D72F842A40
Requests: 157 HTTP requests in this frame

Frame: https://cds.connatix.com/p/126004/connatix.player.dc.js
Frame ID: 83E1A782DA9AD4C67E608CFC010F6114
Requests: 19 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
Frame ID: 36E7ABE7152F78732C290A367B2ACF5A
Requests: 15 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
Frame ID: D814060E0AE4C5CA6D487CBF0E54889A
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Frame ID: 50DFC4778D06C77B753AB78F6672156F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Frame ID: A17904D3FD4366F2D2BB9E6C77CFCD25
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Frame ID: D9DAB38AD73CC6362748B152CDB5A64C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E51F89AEC17CD605807E283F65AAB3ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 40A02B062B40CB7608F7388AB6ED53CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3E566A71152B2DC77CF6508232DA0511
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Frame ID: A2D635A28BCD3A8945E58BF78BFC392A
Requests: 7 HTTP requests in this frame

Frame: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9514DE85D14B57C571EA9F08336A0420
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1RMQ3qIWU-Tp22ytC2WHmhz_XaKIrmAO6793xmS2WpyrM6HargojRQQL_XwKrJx54NJShflVSSLrs-5hsSuil2EirMtN2QdBS-zjWzUXTwoTIBozfM0IH4X8MAiARwkbxA8FFsumDuTBk8BlIY7OHzxwv3eQpWoa8Ah7WVTh1C1zvktYWmpFMFc6Fn9RDPvvs8FFB7URm95VPcmBjuOJU4Ox6EfcpHfUfTPKjieuIq4IgDPpj9t7pe7FpXfz5cm_5ajn5oFwophpWXiyigQ52ttQehrn6J7cVIkFhftWUhIxLWTMazLm_OAMpcn9DCEUIB2o4CBTwTdr0q9WlDReimAl_hiDFrFgmJVddPzzn8DsEIyRR3g&sai=AMfl-YTNLQvuMmQNYW9M2aKPhdAViDRcR1H3e1_HNIo48OihBN3OEtODA8bqultJCo9zLMgh-ZneSATx2O_MsIxCAxdsLCXXUxQ0CTiq8kkfsJFoIZ_2Xa7Za8lNW6rNqgcv&sig=Cg0ArKJSzGBT9oT9jyb6EAE&urlfix=1&adurl=
Frame ID: CA935FF1FC61BBA2CE3B8BFDE6FBC67C
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1BE207C54E5D55336B620088B9945468
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A6332C74A2C641098FD5E473FC3E51F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 6A89882BC681F6A1D76D5B3B43113B1E
Requests: 16 HTTP requests in this frame

Frame: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5552E3C12636E742046E51C6868AB1D3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA
Frame ID: F67CF0B5C6A9ADACF277A7FF40C53ED3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04309C365F6DE75FD17D2C6369FE12A3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9FA41E20007BBB4CD88DC0B9BE13C43
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6838976ADE40840782757999234&cicmp=1337627&cijs=1&dast=V7N4cCFgMXCHoGg06f_QQXCHoGg06f_QUAAAAGBugHGzbcDJe72YLEIg2Go8FuuFgMJ5PlaDNZTMFgC5_T3d2GCTSdDp_rXq_7_e6S013jd_vlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4B4MxRUF6X5e8PAICHAhAAAAEMEgCBxMISAIe7xRMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgIshtnVq8BHSU1SigtMiRgAAAABWamcKR5M6obKo-v___7cCuAIACNiDqV25yLo5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQm0euGlBjlHsajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAZ7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD8BXA5wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDREmVjabZ7KxrRU2m2MtWs1MbuFwYlurnIvNaDgyLFfLwVr0-piOg41lshvusQFnc8VgNlcMNnPFYJUAAAAAAAAAAJYwZd4EAAAA4DSI2Wyy26248WbPBLFWq2UNAAAAwK0bOQ!&excid=22&tst=1&docw=0&cs=false
Frame ID: 4EBD57DA586CA0F3554F059497232459
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

266
Requests

98 %
HTTPS

41 %
IPv6

50
Domains

95
Subdomains

66
IPs

10
Countries

5876 kB
Transfer

13638 kB
Size

6
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://arabic.rt.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://actualidad.rt.com/
Title: ESP

Search URL Search Domain Scan URL

URL: https://russian.rt.com/
Title: РУС

Search URL Search Domain Scan URL

URL: https://de.rt.com/
Title: DE

Search URL Search Domain Scan URL

URL: https://francais.rt.com/
Title: FR

Search URL Search Domain Scan URL

URL: https://russian.rt.com/inotv
Title:

Search URL Search Domain Scan URL

URL: https://rtd.rt.com/
Title:

Search URL Search Domain Scan URL

URL: https://ruptly.tv/
Title:

Search URL Search Domain Scan URL

URL: https://en.shop-rt.com/
Title: RT Shop

Search URL Search Domain Scan URL

URL: https://t.me/rtintl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RTnews/

Search URL Search Domain Scan URL

URL: https://twitter.com/RT_com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpwvZwUam-URkxB7g4USKpg?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://instagram.com/rt

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RTNews

Search URL Search Domain Scan URL

URL: https://on.rt.com/b2n2
Title: Get short URL

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=rt-rtcom&utm_medium=referral&utm_content=thumbnails-anew:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.postfun.com/parenting/a-couple-gave-birth-to-beautiful-twins-see-where-they-are-now/?utm_source=tb&utm_medium=rt-rtcom-tb&utm_term=These+Twins+Were+Named+%22Most+Beautiful+In+The+World%2C%22+Wait+Until+You+See+Them+Today-https%3A%2F%2Fwww.postfun.com%2Fhivemedia-images%2Fcreatives%2Ftwn%2F18_twn.jpg&utm_content=2961656341&utm_campaign=8100402-tb&utm_cpc=W14HBIgiauW7CixtGgV5DHwiL5mQxxVZ8QsqFCcENdA=
Title: Post Fun

Search URL Search Domain Scan URL

URL: https://tmbvt.com/527ee8a6-c638-4c5c-9166-d24b25f5ffc7?tci=GiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iCa_lMo_-7L16Dr4LlM&site=rt-rtcom&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8e4dd95879be16c55f50e29c8b7071db.jpg&title=Otrolig+japansk+kniv+tar+%C3%B6ver+alla+k%C3%B6k+i+Sverige&platform=Desktop&campaign_item_id=2990396503#tblciGiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iCa_lMo_-7L16Dr4LlM
Title: Huusk

Search URL Search Domain Scan URL

URL: https://www.readbakery.com/sv/halsa/vira-in-fotterna-i-aluminiumfolie-och-efter-bara-nagra-timmar-blir-resultatet-det-har-det-har-ar-genialiskt/?utm_campaign=dbu0yxkr&utm_source=Taboola&utm_medium=native&utm_term=rt-rtcom
Title: Read BakeryAdvertisement

Search URL Search Domain Scan URL

URL: https://www.topp5svenskadejtingsajter.se/?utm_source=28&tmplt=1.1&zonename=rt-rtcom&adid=3020248516&adname=5+b%C3%A4sta+dejtingsajterna+f%C3%B6r+att+tr%C3%A4ffa+singlar+som+%C3%A4lskar+det+du+%C3%A4lskar&cmpgid=11813134&de=Desktop&adacc=tabo1&cmpgname=SD_SE_Des_29-07-2021&zoneid=1013186&srcclkid=GiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iDdzkQo2uWrkbKmsM2HAQ#tblciGiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iDdzkQo2uWrkbKmsM2HAQ
Title: Top5 Dating SE

Search URL Search Domain Scan URL

URL: https://swappie.com/se/renoverad-telefon-istallet-for-en-helt-ny-varfor/?utm_source=taboola&utm_medium=cpc&tblci=GiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iCZmk4olffB4a-Esvge#tblciGiAEBvltym2mjSsr2GteVKjYQMTgFMyoMrzaXc9YOfGZ1iCZmk4olffB4a-Esvge
Title: Swappie - iPhones till rimliga priser

Search URL Search Domain Scan URL

URL: https://thechefpick.com/trending/gorgeous-stars-have-aged-flawlessly?utm_source=taboola&utm_medium=rt-rtcom&utm_campaign=5961422&utm_term=Erika+Eleniak+Is+Turning+51%2C+This+Is+Her+Today&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F2548bf6d6ff14313daa936a58f96f227.jpg&ts=2021-08-10+15%3A36%3A24&tbv=pyWJIwd0pDmUy-iGBoPpLRCSNE5YY4Fjrd6pt9gJ8S0=&pcl=1
Title: The Chef Pick

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10805694&bl=92026&ct=adpreview&st=46&nvuuid=9ce167e6-f7be-7aff-6100-004b12a40183&bvuuid=3c61e0c3-50ce-4ce8-b0b5-51950d9405cd&rnd=1266935551&ag=25&ev=H4sIAAAAAAAAAOPi2Xd4MuudmRNZj_2ZwgoAXDYu4w4AAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10767580&bl=92026&ct=adpreview&st=46&nvuuid=9c4c67b2-f7dc-7a3e-6100-007112a401f1&bvuuid=3c61e0c3-50ce-4ce8-b0b5-51950d9405cd&rnd=1911665214&ag=25&ev=H4sIAAAAAAAAAOPi2Xd4MuudmRNZj_2ZwgoAXDYu4w4AAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10829382&bl=92026&ct=adpreview&st=46&nvuuid=9c3e6708-f746-7a36-6100-002e12a501d1&bvuuid=3c61e0c3-50ce-4ce8-b0b5-51950d9405cd&rnd=785451062&ag=25&ev=H4sIAAAAAAAAAOPi2Xd4MuudmRNZj_2ZwgoAXDYu4w4AAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10829440&bl=92027&ct=adpreview&st=46&nvuuid=9c3e67aa-f680-7b17-6100-004612a501aa&bvuuid=2ae63062-ae9d-4ba1-960c-3a86109268ac&rnd=1185589783&ag=25&ev=H4sIAAAAAAAAAOPiafg7hfXhnymsD4AYAJrsJJQOAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10829409&bl=92027&ct=adpreview&st=46&nvuuid=9c3e67e5-f661-7b38-6100-002612a501b1&bvuuid=2ae63062-ae9d-4ba1-960c-3a86109268ac&rnd=649192760&ag=25&ev=H4sIAAAAAAAAAOPiafg7hfXhnymsD4AYAJrsJJQOAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10829408&bl=92027&ct=adpreview&st=46&nvuuid=9c3e6796-f660-7b5d-6100-000512a50181&bvuuid=2ae63062-ae9d-4ba1-960c-3a86109268ac&rnd=92378717&ag=25&ev=H4sIAAAAAAAAAOPiafg7hfXhnymsD4AYAJrsJJQOAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china
Title: Boom Bust: Russia forges closer US oil ties & inflation gripping China

Search URL Search Domain Scan URL

URL: https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice
Title: Dennis Miller+1: Dorinda Medley on her new book ‘Make It Nice’

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RTvids/
Title: RT Play

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/dayjs HTTP 302
https://unpkg.com/dayjs@1.10.6 HTTP 302
https://unpkg.com/dayjs@1.10.6/dayjs.min.js

Request Chain 13

https://mc.yandex.ru/watch/32550500 HTTP 302
https://mc.yandex.ru/watch/32550500/1

Request Chain 35

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/126004/connatix.player.dc.js

Request Chain 76

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965

Request Chain 77

https://www.tns-counter.ru/V13a***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009

Request Chain 84

https://sb.scorecardresearch.com/b?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&c7=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&c7=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&c9=

Request Chain 138

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e1e46112-9cf7-4c00-a3b0-7ecce02da0ce

Request Chain 155

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mlYsq5UEe66BX3_4mV8wrpoGfKGBXiShzQUMoCpg

Request Chain 156

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6535878542904078792

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh&google_tc=

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAg3bAxz_UryOwSeegTU0Vo&google_cver=1

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIjNbPfZXIiqCMcPUknE-1Y&google_cver=1

Request Chain 189

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a4b74a1f-5f9f-4229-8d18-cb775de90efd-tuct80c2278

Request Chain 190

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=41103279-b0ce-4872-8ea7-c02eb7f61181

Request Chain 191

https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 195

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3d1ddb19-d72e-4725-9542-c402af6b9293

Request Chain 196

https://id5-sync.com/s/464/9.gif?puid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOdBq2bS0lh-1IIAnSohSGwqq5I_PuyTj-P25A5g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOdBq2bS0lh-1IIAnSohSGwqq5I_PuyTj-P25A5g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=f5e7198d-af84-41c2-a2e7-c628dc67a982&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F487%2F5%2F3.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1 HTTP 302
https://id5-sync.com/c/464/487/5/3.gif?puid=cfe04804-b36f-4753-9e61-e24c56c2f211&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEDfyBjByXSl4KWXMGY4cFyM&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDfyBjByXSl4KWXMGY4cFyM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1467449069197439855&opid=apx&ops=&utidl=tech:goo:CAESEDfyBjByXSl4KWXMGY4cFyM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19751438018&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/3/5.gif?puid=d537ecbd498c72b1af70c120744a9a89&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/2/6.gif?puid=270b208d-3e59-4ae4-b0e6-650465378775&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 197

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=e75fa94b-273f-4ac3-9e6c-6837323c0658 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk631a821d-6d33-4029-9379-c0cfb7f66be4&expires=7&user_group=5&ssp=taboola&bsw_param=e75fa94b-273f-4ac3-9e6c-6837323c0658 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e75fa94b-273f-4ac3-9e6c-6837323c0658

Request Chain 198

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2&tbid=1eff32c6-aff1-45fd-88b6-e91348d09590-tuct80c2278&query=taboola_hm%3D56057f64-54ed-43af-98dd-b19db6f6e6e2&isDirect=0

Request Chain 201

https://eb2.3lift.com/xuid?mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&C=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRKc.I3GwKcmGYDmNsoDIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&google_hm=2

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDENRYLNOMxj_AHppXfb-p4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDENRYLNOMxj_AHppXfb-p4%26google_cver%3D1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE5NTY3NjIzNDkxNjU4NTgwMg%3D%3D

Request Chain 226

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 228

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDFD3fyFl_QDuub8FM9UDHU&google_cver=1&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6GqbvVdB6NDHR6Q1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDgyNTc2MDI0MzUxMzQ4NQ%3D%3D&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6GqbvVdB6NDHR6Q1

Request Chain 229

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENLaCDSozNNFskAUHPaXm6c&google_cver=1&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_Xms5jiPiHbL86iQAR_aow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUzNTg3ODU0MjkwNDA3ODc5Mg&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_Xms5jiPiHbL86iQAR_aow

Request Chain 230

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOtRzZTPtQVsDfw3ikdg8Zg&google_cver=1&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c8SKNUgrWwh5a6dikXynQZlnny HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M2ODdTOUQtMVItTTFMNA==&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c8SKNUgrWwh5a6dikXynQZlnny

Request Chain 231

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGxYZ0OgZS-q_10vn_91Lqc&google_cver=1&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT&google_gid=CAESEGxYZ0OgZS-q_10vn_91Lqc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk0Njk1MDM1MzUxNDg0ODI3Ng%3D%3D&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT

266 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.rt.com/business/516638-gamestop-short-sellers-losses/ 155 KB
29 KB 396ms
199ms Document
text/html 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

3acbdd552763b0b541b58f39e907d582372833618251106d089628f8b5c63fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.rt.com
:scheme: https
:path: /business/516638-gamestop-short-sellers-losses/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 10 Aug 2021 15:36:21 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache,no-store,max-age=0
x-4vcta: H5342U2
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
content-encoding: gzip

GET
H2 200 template.min.css
cdnen.rt.com/static/css/ 405 KB
58 KB 27ms
5ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8ba195fd9856b34f40709120bc1338d4bceaaa0d50bcde9cb96ce0fc5b90b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H5203N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-652ad"
vary: Accept-Encoding
x-cached-since: 2021-08-06T17:07:56+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 common.min.js Show response
cdnen.rt.com/static/js/ 141 KB
39 KB 26ms
11ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/common.min.js?v=1603867590

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6da7ac25e7c13905a29629c5e7e8bd11f63462a65f74cbd47d6dc6d97119b4ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H5167N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-23502"
vary: Accept-Encoding
x-cached-since: 2021-08-06T17:10:50+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 services.sharing.js Show response
cdnen.rt.com/static/js/ 77 KB
23 KB 26ms
11ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/services.sharing.js?v=6

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

73f501fc27fedbc938e3b122ade22318a96b26d208dc9f686a50fbcfec88db3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H18733N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-1343f"
vary: Accept-Encoding
x-cached-since: 2021-08-08T20:59:59+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 32ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-07ZGQT7GK0

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84136660f3fe4b1dae0fc3e1f43995cf8c82527ff6764c6548406fc53a2df5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51110
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:21 GMT

GET
H2

200

dayjs.min.js Show response
unpkg.com/dayjs@1.10.6/
Redirect Chain

https://unpkg.com/dayjs
https://unpkg.com/dayjs@1.10.6
https://unpkg.com/dayjs@1.10.6/dayjs.min.js

6 KB
3 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7caf

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/dayjs@1.10.6/dayjs.min.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb46af5dfac6a4f8315df6d367b620e16e2b76029d8306555f87b97da3e2cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3052282
fly-request-id: 01F9XCDS2ZDBQSRBR7304119N7
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"195e-3ZAWoiLc9EB2LNh8XvRe0XaWvPw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67ca4c9eac844ab0-FRA

Redirect headers

date: Tue, 10 Aug 2021 15:36:21 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01F9XCDRFKRTB6QBNJ1MA3Q6BM
server: cloudflare
age: 3052283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /dayjs@1.10.6/dayjs.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67ca4c9dda7a4ab0-FRA
access-control-allow-origin: *

GET
H2 200 telegram.svg
www.rt.com/static/img/telegram_banners/ 10 KB
4 KB 102ms
99ms Image
image/svg+xml 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rt.com/static/img/telegram_banners/telegram.svg

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

2beb0fdea647dc5e2861b1bf8f78f3767713bfc17e09a01bd935fe2674f5876e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:path: /static/img/telegram_banners/telegram.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rt.com
referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H24456U
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-268e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
expires: Tue, 10 Aug 2021 15:35:39 GMTWed, 10 Aug 2022 15:35:39 GMT

GET
H2 200 /
www.rt.com/ 64 KB
64 KB 109ms
106ms Image
text/html 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rt.com/

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:path: /
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rt.com
referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H24598U2
date: Tue, 10 Aug 2021 15:36:21 GMT
cache-control: no-cache,no-store,max-age=0
server: nginx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8

GET
H2 200 soundcloudapi.js Show response
www.rt.com/static/js/libs/ 5 KB
2 KB 112ms
110ms Script
application/javascript 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rt.com/static/js/libs/soundcloudapi.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

e5d9117e8001a95c85738c65619f13e1e9f363d72ac04725c48f96abbf9b4dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:path: /static/js/libs/soundcloudapi.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rt.com
referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H24460U2
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-12a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
expires: Tue, 10 Aug 2021 15:35:07 GMTWed, 10 Aug 2022 15:35:07 GMT

GET
H2 200 logo-bottom.png
www.rt.com/static/img/ 437 B
802 B 113ms
110ms Image
image/png 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rt.com/static/img/logo-bottom.png

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a7d9179c3bc5e50800997de515dce4c68a34aeb961deb354bcf75ecfff55ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:path: /static/img/logo-bottom.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rt.com
referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H24500U2
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-1b5"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
expires: Tue, 10 Aug 2021 15:36:12 GMTWed, 10 Aug 2022 15:36:12 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
cdnen.rt.com/static/libs/ 95 KB
33 KB 9ms
5ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/libs/jquery-1.11.2.min.js?v=2

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d9d8c24c62c219b81212de073edabf87daa25db193a82272578819c7b8223775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62626N2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-17aa6"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:33:26+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 common.min.js Show response
cdnen.rt.com/static/js/ 141 KB
39 KB 10ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/common.min.js?v=1603867591

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6da7ac25e7c13905a29629c5e7e8bd11f63462a65f74cbd47d6dc6d97119b4ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H12605N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 10:58:13 GMT
server: nginx
etag: W/"61110a45-23502"
vary: Accept-Encoding
x-cached-since: 2021-08-09T14:46:11+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 lazyall.js Show response
cdnen.rt.com/static/js/libs/ 15 KB
6 KB 12ms
9ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/libs/lazyall.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1420f87ff3d4e3f0a504fdeca92e448bb437bc09311f8f8ccab5540021f0195c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H78891N2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-3dde"
vary: Accept-Encoding
x-cached-since: 2021-08-07T14:47:12+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 lazysizes.min.js Show response
cdnen.rt.com/static/js/libs/ 8 KB
4 KB 12ms
10ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/libs/lazysizes.min.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fa2f121ec9dd0d5b0d523ff61e37089fdeb595c2d4ebe34be4e67d8bee6a7e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H65012U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-1eea"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:38:19+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2

200

1
mc.yandex.ru/watch/32550500/
Redirect Chain

https://mc.yandex.ru/watch/32550500
https://mc.yandex.ru/watch/32550500/1

43 B
92 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/32550500/1

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
last-modified: Tue, 10-Aug-2021 15:36:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 15:36:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
last-modified: Tue, 10-Aug-2021 15:36:21 GMT
strict-transport-security: max-age=31536000
location: /watch/32550500/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 15:36:21 GMT

GET
H2 200 counters.js Show response
cdnen.rt.com/static/js/libs/ 2 KB
1 KB 13ms
11ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/libs/counters.js?b=7

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d4cb55e40214fff2a9d0c6d60a114800493f95afb896262d286cd395da7511c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H77480U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 10:58:13 GMT
server: nginx
etag: W/"61110a45-813"
vary: Accept-Encoding
x-cached-since: 2021-08-10T08:34:21+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 notification.js Show response
cdnen.rt.com/static/js/pushes/ 4 KB
2 KB 14ms
12ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/js/pushes/notification.js?v=3

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6827ac528ded78425f584499a25ac85e6103451fb13e2e5a0a39d745081c7049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62938U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-11f1"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:42:07+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7187
date: Tue, 10 Aug 2021 13:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 10 Aug 2021 15:36:34 GMT

GET
H2 200 ino_tv.svg
cdnen.rt.com/static/img/icon/ 2 KB
976 B 12ms
12ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/ino_tv.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d719d906c16377af549e87a0c0128872143ded1478c372b4dc2268d9e207299a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H6243U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-73b"
vary: Accept-Encoding
x-cached-since: 2021-08-10T10:39:05+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rt_D.svg
cdnen.rt.com/static/img/icon/ 1 KB
858 B 18ms
5ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/rt_D.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

316428641361f48a61052ea435aa2a1476f4e94c512ff8cf4cfe6c79d70a7c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: M U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cached-since: 2021-08-10T08:48:58+00:00
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-5e0"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 ruptly_.svg
cdnen.rt.com/static/img/icon/ 2 KB
775 B 18ms
5ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/ruptly_.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a1fe36f0564aaef0ae578254f84691566d9432d0c02b51ff512031bd318acc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H36760N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 10:58:13 GMT
server: nginx
etag: W/"61110a45-600"
vary: Accept-Encoding
x-cached-since: 2021-08-09T21:22:01+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 shop-rt.svg
cdnen.rt.com/static/img/icon/ 998 B
548 B 18ms
6ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/shop-rt.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9abaf74ff6501b55a5f6b77cca50bdff263b12c8dfd33e5783fac456cfe6ed9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: M U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cached-since: 2021-08-10T08:48:58+00:00
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-3e6"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 logo.png
cdnen.rt.com/static/img/ 332 B
431 B 18ms
6ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/logo.png

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a0fe2fd87d4116d0ccbcb708eb81fe8070a612131ca258cec1d564e61d147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H2760N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-14c"
vary: Accept-Encoding
x-cached-since: 2021-08-10T09:36:31+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 telegram.svg
cdnen.rt.com/static/img/icon/social-icons/ 1 KB
740 B 19ms
7ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/telegram.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

4c36edc29e41874a1deee4a869844a176f9758db81c0b455b1dfe96d005a1ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62520U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-489"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rss.svg
cdnen.rt.com/static/img/icon/social-icons/ 797 B
473 B 18ms
8ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/rss.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9ca0d13ba13079188d19f996ac9b9bc39b35ebd01053cde1c0bbb394b757fa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: M U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cached-since: 2021-08-10T08:48:58+00:00
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-31d"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 facebook.svg
cdnen.rt.com/static/img/icon/social-icons/ 521 B
402 B 18ms
8ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/facebook.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

731d2da90f17aebd8ed017a967237bec11040bed9f836010179c7e987b9d1545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H18889N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-209"
vary: Accept-Encoding
x-cached-since: 2021-08-10T14:10:46+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 twitter.svg
cdnen.rt.com/static/img/icon/social-icons/ 1 KB
669 B 18ms
9ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/twitter.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

20a1c4b20cb61a72b4ec5c49da4eb5ed99e8f324db8804b59cdd649364bd48df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H20877N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-43c"
vary: Accept-Encoding
x-cached-since: 2021-08-08T21:28:23+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 youtube.svg
cdnen.rt.com/static/img/icon/social-icons/ 808 B
446 B 19ms
9ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/youtube.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

cf008ea50216e14d67c03a9a37519774dbcb1f03a17767ee63e4f1ed967a25fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62782U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-328"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 instagram.svg
cdnen.rt.com/static/img/icon/social-icons/ 2 KB
1 KB 19ms
9ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/instagram.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1e75071b75864bde0aee273b736ad29cb077a42d7648096229a9bbf07f5f34bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H63658U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-969"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rumble.svg
cdnen.rt.com/static/img/icon/social-icons/ 938 B
572 B 18ms
10ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/rumble.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

024da1d314ab0eb376d8871b1df98af36436f044975d02ab2d0eae9b1db8d5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H61024N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 10:58:13 GMT
server: nginx
etag: W/"61110a45-3aa"
vary: Accept-Encoding
x-cached-since: 2021-08-10T04:28:25+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 k3kQo8UDI-1M0wlSfdnoLg.woff2
fonts.gstatic.com/s/archivo/v3/ 17 KB
17 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:800::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v3/k3kQo8UDI-1M0wlSfdnoLg.woff2

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7e234b43a45b719a607228464cf9bd7db056ec971072e9b6311c01c43820c34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rt.com
Referer: https://cdnen.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 04:10:49 GMT
x-content-type-options: nosniff
age: 41132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17272
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 20:47:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 04:10:49 GMT

GET
H2 200 iconfonts.woff
cdnen.rt.com/static/fonts/icon/ 4 KB
4 KB 23ms
5ms Font
font/woff 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnen.rt.com/static/fonts/icon/iconfonts.woff?21333747

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

5deddcf3c33551cc238c9632492d8007d36ae9df7474375f857780bee373d028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.rt.com
Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H16539U
x-id: fr5-up-gc35
date: Tue, 10 Aug 2021 15:36:21 GMT
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: "610a5dd4-e40"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-cached-since: 2021-08-07T23:44:42+00:00
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
accept-ranges: bytes
content-length: 3648
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a34f750c924980128fea4ff5629ee85df47222741cc2002acafb6ede10471d8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/rt-rtcom/ 421 KB
34 KB 181ms
58ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c32661482af7095514a8b2b5ce196b031ea746c113cb41f25a2b78c4973cf3a

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: v0bbbsmF66RrkDEgk2rjNPhD4NCIHvpZ
content-encoding: gzip
etag: "f29e3cd6d25fb535f292d77db25b9c96"
age: 13332
x-cache: HIT
content-length: 34233
x-amz-id-2: dpTVDJNNGuK6y26U6d56S7+Z0hn6nkY2x73XxinsxFP83+Km2IBO1S5btmlUBA0XG7WfctOvgWs=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 10 Aug 2021 11:53:55 GMT
server: AmazonS3
x-timer: S1628609782.571116,VS0,VE0
date: Tue, 10 Aug 2021 15:36:21 GMT
vary: Accept-Encoding
x-amz-request-id: KBRBV9NY34KB4BZF
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 55

GET
H3-29 200 k3kVo8UDI-1M0wlSdWLNO0bhLA.woff2
fonts.gstatic.com/s/archivo/v3/ 17 KB
17 KB 17ms
10ms Font
font/woff2 2a00:1450:4001:802::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v3/k3kVo8UDI-1M0wlSdWLNO0bhLA.woff2

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2ce64e7933469e1da3f4a036094f57b191bc66f877991e61c24781fdad1590e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rt.com
Referer: https://cdnen.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:43:07 GMT
x-content-type-options: nosniff
age: 28394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17392
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 20:47:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:43:07 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/126004/ Frame 83E1
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/126004/connatix.player.dc.js

1013 KB
224 KB

32ms
31ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/126004/connatix.player.dc.js
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 607dbeb67a18901cfff479c23f04fe0e8ae64d11ab3e4d3b6e67f2b05bc271fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 18:27:54 GMT
age: 24609
etag: "dac276e22340d525810e9b400fdd530f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 229374

Redirect headers

location: https://cds.connatix.com/p/126004/connatix.player.dc.js
date: Tue, 10 Aug 2021 15:36:21 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1015800320&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&ul=en-us&de=UTF-8&dt=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=484530246&gjid=671042575&cid=869823800.1628609782&tid=UA-5773642-2&_gid=257733066.1628609782&_r=1&_slc=1&cd1=26%20Feb%2C%202021&cd2=59840d21dda4c8f4708b4567&z=1674424822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 74 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a0783be720feb66901e2799c5ec32fe2f976dc743730b898565360e5392885c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-07ZGQT7GK0&gtm=2oe840&_p=1015800320&sr=1600x1200&ul=en-us&cid=869823800.1628609782&_s=1&dl=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&dt=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&sid=1628609781&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07ZGQT7GK0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-5773642-2&cid=869823800.1628609782&jid=484530246&gjid=671042575&_gid=257733066.1628609782&_u=aEBAAEAAEAAAAC~&z=878591262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 Aug 2021 15:36:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ino_tv_grey.svg
cdnen.rt.com/static/img/icon/ 2 KB
943 B 9ms
5ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/ino_tv_grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

c81971e19b11a9ae41a77ddda670e802aa70c8e3efaf8ad4d75691c1b0957b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H35347N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 10:58:13 GMT
server: nginx
etag: W/"61110a45-746"
vary: Accept-Encoding
x-cached-since: 2021-08-09T20:52:23+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rt_D_grey.svg
cdnen.rt.com/static/img/icon/ 2 KB
909 B 9ms
5ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/rt_D_grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f1288a1480b86548d31fa33fe5b29de98e90250e24758f5f79461d9ca08e34ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: M U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cached-since: 2021-08-10T08:48:12+00:00
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-67f"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 ruptly_grey.svg
cdnen.rt.com/static/img/icon/ 2 KB
782 B 9ms
6ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/ruptly_grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

0fa20202cef5b5d9e5bd40342eeec822cb60c40e63d50b10d6b1e0f16f3dc7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H4495N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-60c"
vary: Accept-Encoding
x-cached-since: 2021-08-07T16:59:47+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 telegram-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 1 KB
882 B 9ms
6ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/telegram-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

24e8175a092a603c3d5474ea3b1df7d0150270a44cf2e9858852c58962ec7178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62103U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-5ff"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rss-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 784 B
486 B 10ms
7ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/rss-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6cd8edbf389e02371d88a857d35fe18225d03d8fa676274509bde04d8048585d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H7121N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-310"
vary: Accept-Encoding
x-cached-since: 2021-08-10T10:51:30+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 facebook-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 511 B
416 B 10ms
7ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/facebook-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

256dcd25efceb57914dd7fbb366e8ef93aa299bcd26d161a52883d387b714b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H1737N2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-1ff"
vary: Accept-Encoding
x-cached-since: 2021-08-07T16:46:15+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 twitter-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 1 KB
678 B 10ms
8ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/twitter-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

82c29c841e58e6aaaa06385aa4a791adf0b72e88b97439452e7964e53033e638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62719N2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-43a"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:37:23+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 youtube-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 807 B
460 B 10ms
8ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/youtube-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

ed9dccbab3c367d75315ef5dd60dc9c8a14d4c9113ba3157a254f5bcda4e7356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H62211U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-327"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 instagram-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 2 KB
875 B 11ms
8ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/instagram-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7bf2fe177d65e758281456b90ae919559031a7dcdc8460a0259cbefd866744bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H6117U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-702"
vary: Accept-Encoding
x-cached-since: 2021-08-09T09:44:06+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rumble-grey.svg
cdnen.rt.com/static/img/icon/social-icons/ 812 B
491 B 11ms
9ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/img/icon/social-icons/rumble-grey.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1bdbcc8707396dcd446cd847e71d87cd5e26d34e9a67abbdf8141a8fff4b44ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H6292N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-32c"
vary: Accept-Encoding
x-cached-since: 2021-08-10T10:51:30+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 rt-shop-logo-2x.png
cdnen.rt.com/static/blocks/footer/ 3 KB
3 KB 11ms
9ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/blocks/footer/rt-shop-logo-2x.png

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7f96ddd320c84a1f34ca18d23f82f94009c2b2e076ee832b4689828d9840d4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H4900N
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-ac5"
vary: Accept-Encoding
x-cached-since: 2021-08-06T17:11:15+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 Search_icon_gray.svg
cdnen.rt.com/static/blocks/footer/ 363 B
351 B 11ms
9ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/blocks/footer/Search_icon_gray.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d235c24d60876585a1949942248f4b5ed7e936829a4706bf70e00483a0270f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: M U
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cached-since: 2021-08-10T08:48:12+00:00
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-16b"
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
expires: Wed, 10 Aug 2022 15:36:21 GMT

GET
H2 200 Search_icon.svg
cdnen.rt.com/static/blocks/footer/ 354 B
468 B 11ms
10ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnen.rt.com/static/blocks/footer/Search_icon.svg

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/css/template.min.css?v=1610704920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

ee3ff8f17971dfbb97829280552c3bc404b34d3b92d2ddccabd17c5c529a20ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdnen.rt.com/static/css/template.min.css?v=1610704920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H21228U2
x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 09:28:52 GMT
server: nginx
etag: W/"610a5dd4-162"
vary: Accept-Encoding
x-cached-since: 2021-08-06T21:37:39+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
expires: Wed, 10 Aug 2022 15:36:21 GMT

POST
H2 200 / Show response
nbc.rt.com/nbc/en/ 15 B
436 B 315ms
69ms XHR
application/json 185.79.236.168
RTTV

General

Check archive.org

Show headers Download Go to

Full URL: https://nbc.rt.com/nbc/en/
Requested by: Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/libs/jquery-1.11.2.min.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.79.236.168 , Russian Federation, ASN200928 (RTTV, RU),
Reverse DNS
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept: */*
Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 10 Aug 2021 15:36:21 GMT
server: nginx
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 15
expires: Tue, 10 Aug 2021 15:36:20 GMT

GET
H2 200 new_facebook.png
www.rt.com/static/img/social-banners/ 6 KB
6 KB 97ms
96ms Image
image/png 2604:9a00:2100:a017::179
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rt.com/static/img/social-banners/new_facebook.png

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a017::179 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

nginx /

Resource Hash

3d519cdbd6c838d5f6f88b2f64e4f52ac295d6535eb57d170a1bc2d11eb5dd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Request headers

:path: /static/img/social-banners/new_facebook.png
pragma: no-cache
cookie: _gid=GA1.2.257733066.1628609782; _gat=1; _ga_07ZGQT7GK0=GS1.1.1628609781.1.0.1628609781.0; _ga=GA1.1.869823800.1628609782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rt.com
referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H24467U2
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 08:34:22 GMT
server: nginx
etag: W/"61123a0e-1683"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
expires: Tue, 10 Aug 2021 15:35:06 GMTWed, 10 Aug 2022 15:35:06 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/rt-rtcom/ 3 KB
2 KB 184ms
58ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/rt-rtcom/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e615a4aaff51112e7a99a67f43803977484797a4602685ca96f093e87a1ea6d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6KUkcG_8g3pn3AcLYQlpJmP1iv3ArA4U
content-encoding: gzip
etag: "559f7bfd8f2f0a95be877034d71f6420"
age: 226
x-cache: HIT, HIT
content-length: 1201
x-amz-id-2: 9BM3AExHZ63L2pVBMwaf/4N5GQRkoZKdBFemU4Ez8XYSKmxviLhUPjRu4nXHJeZLK3susCT8Yx0=
x-served-by: cache-lax10642-LGB, cache-fra19125-FRA
last-modified: Wed, 25 Nov 2020 05:58:04 GMT
server: AmazonS3
x-timer: S1628609782.975503,VS0,VE1
date: Tue, 10 Aug 2021 15:36:21 GMT
vary: Accept-Encoding,,
x-amz-request-id: 1329N7RZH71JNNFG
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210810-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 525 KB
116 KB 68ms
67ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d5cc7d71efaf00b363b33b835fa050a71bf6c65698622f0635866c8a24a24ed3

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5wyuPQzoSvIPCOn4bpvMhQxoHA58aafN
content-encoding: br
etag: "0a4848b21711011f62ebd8e7e89f8a7a"
age: 14631
x-cache: HIT
content-length: 118767
x-amz-id-2: BWypNkdWDYM4v2W0L7FJjjGABIZwLxK4N/JnSogcGUS1vCzMle1bNPk9OfumDQL6LYVaNZatHaU=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 10 Aug 2021 11:31:09 GMT
server: AmazonS3-br
x-timer: S1628609782.860432,VS0,VE0
date: Tue, 10 Aug 2021 15:36:21 GMT
vary: Accept-Encoding
x-amz-request-id: 66FQRCYMFF31F7WP
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 71109

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
110 B 18ms
17ms Image
image/gif 2a00:1450:4001:830::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-5773642-2&cid=869823800.1628609782&jid=484530246&_u=aEBAAEAAEAAAAC~&z=1900347077

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82f::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-5773642-2&cid=869823800.1628609782&jid=484530246&_u=aEBAAEAAEAAAAC~&z=1900347077

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 socialstat Show response
socialstat.rt.com/ 176 B
358 B 206ms
67ms Fetch
application/json 185.79.236.168
RTTV

General

Check archive.org

Show headers Download Go to

Full URL: https://socialstat.rt.com/socialstat?url=https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Requested by: Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/services.sharing.js?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.79.236.168 , Russian Federation, ASN200928 (RTTV, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97a71f66fc850e01d8055107c0dd85128358b51f131966292ee05a1f9856f2ae

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-4vcta: H33R
date: Tue, 10 Aug 2021 15:36:22 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=30
accept-ranges: bytes
content-length: 176
expires: Tue, 10 Aug 2021 15:36:52 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b68b12dd28e2eb60decfcc1aee672ceced2684badecd7a07e75567afda2577b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f12847ee6a53c64a74234fcb5547474a0bd7813f38dac4685322a4228b03882c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44de562bca74762c1fe38491057b654bf67752cc14396a0f08d6da696159bdd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db128b9a0a279a178ebefa264101fcf8c0e722488f048a9b27b33e30dfc6d597

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac27ed883a0df28810d998581a791e35183b82004d75ba922c0b73a65d14f54

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46dc7588b8ddf1bd6548845eaa2e2a848f9d3e329bda7155e9982c7c76c4692e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f4ec3ba814461d9af04b81c80bb4b5153145a550d8649b1be6d2f06db39937f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 92027.js Show response
mixi.media/data/js/ 4 KB
3 KB 318ms
147ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/92027.js
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 1940b26925eb0e8e46f4ebae07b5415f29263db8612d07f150ff463a24f574da

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:22 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 / Show response
w.soundcloud.com/player/ Frame 36E7 1 KB
1 KB 214ms
69ms Document
text/html 13.224.96.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/libs/lazysizes.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-76.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

6630f428d21b16f1cbd52c7066fa2b34b6c7708ae7abb9a69bc82624ef0c4c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: w.soundcloud.com
:scheme: https
:path: /player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

content-type: text/html
via: sssr, 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
date: Tue, 10 Aug 2021 15:35:48 GMT
strict-transport-security: max-age=63072000
server: am/2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: qGZIX59m-aTVUfxGVr9SYsLExyQclyFEznKL6LXaHQjtPqBGdD9HTg==
age: 34

GET
H2 200 / Show response
w.soundcloud.com/player/ Frame D814 1 KB
1 KB 214ms
70ms Document
text/html 13.224.96.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e

Requested by

Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/libs/lazysizes.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-76.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

81d4ddb8dbb2b76c7fdeb62b6018aecd72e75206d47ea26a397263c2446f63ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: w.soundcloud.com
:scheme: https
:path: /player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

content-type: text/html
via: sssr, 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
date: Tue, 10 Aug 2021 15:35:48 GMT
strict-transport-security: max-age=63072000
server: am/2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: uCRMQzlFyGYvqg1yaxdU5qeyVr8rwv7ZiOFx-oLKmCCJaFlVph4ilw==
age: 34

GET
H2 200 6038d2682030273bae5dcc19.jpg
cdni.rt.com/files/2021.02/article/ 74 KB
74 KB 151ms
129ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2021.02/article/6038d2682030273bae5dcc19.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a563daba4fe68c9942305b575d7ffb5521aaf723f7c0439ff16706d2e073ce9e

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:22 GMT
last-modified: Fri, 26 Feb 2021 10:50:15 GMT
server: nginx
etag: "6038d267-1273c"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 75580
expires: Wed, 10 Aug 2022 15:36:23 GMT

GET
H2 200 60018c0685f54038cc77f60d.gif
cdni.rt.com/files/2021.01/original/ 171 KB
171 KB 27ms
6ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2021.01/original/60018c0685f54038cc77f60d.gif
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bfacb51c7e0885f8f53d0c224d45a0d465396600aa03090fa02a5fcf491d8a39

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:21 GMT
last-modified: Fri, 15 Jan 2021 12:35:19 GMT
server: nginx
etag: "60018c07-2abb3"
x-cached-since: 2021-08-09T09:34:48+00:00
content-type: image/gif
cache-control: max-age=31536001
cache: HIT
accept-ranges: bytes
content-length: 175027
expires: Wed, 10 Aug 2022 15:36:22 GMT

GET
H2 200 5f686f1085f540417b478df2.jpg
cdni.rt.com/files/2020.09/thumbnail/ 16 KB
16 KB 135ms
115ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2020.09/thumbnail/5f686f1085f540417b478df2.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 20ce6608c05dcf64e5a0b4306782a06a7778c20efa2055a9b1ee9222ef61bae2

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:22 GMT
last-modified: Mon, 21 Sep 2020 09:14:56 GMT
server: nginx
etag: "5f686f10-3f96"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 16278
expires: Wed, 10 Aug 2022 15:36:23 GMT

GET
H2 200 jstag Show response
ruptly-d.openx.net/w/1.0/ 171 KB
58 KB 150ms
66ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ruptly-d.openx.net/w/1.0/jstag?nc=144751494-RT
Requested by: Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/libs/counters.js?b=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 40a6c37311076841d4b64a6919423a262266798e3d5776c88ab994631546446d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58742
expires: Tue, 10 Aug 2021 16:36:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 218ms
70ms Script
application/javascript 54.192.219.37

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/libs/counters.js?b=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.37 , United States, ASN (),
Reverse DNS: server-54-192-219-37.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:24:46 GMT
via: 1.1 d0945be30f5a4a7ae05683911a5fea2d.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 696
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: JMJdH7z4HNWjVtrtU1_9M6o2OskG5iq7fAnmdt8bQiDTUS3tYFbsjw==

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 54ms
22ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: cdnen.rt.com
URL: https://cdnen.rt.com/static/js/libs/counters.js?b=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date: Tue, 10 Aug 2021 15:36:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1589054
x-guploader-uploadid: ADPycds3KPTPdVNm8yXAdhrxfxRaYeTBnqIG2lrLotae4bxik3egrwkU4sqIQYBG1Cq65fowFX9NakssUdZKBm01N5g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 11 Nov 2020 17:32:38 GMT
server: cloudflare
etag: W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTSlHKJCxJh7LUOqc4%2BaZPPzmJqrPmMsi3jVSXeDgyCXraNvGIMupbqlPakRnZyAN9C%2Bw6qBoi9Ja%2FpmGcCplzEtEuG0wEBzxv5appmKPxrjjblsNAYHaNW6clrYF%2BlH86F5OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605115958819708
content-type: text/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 27827
cf-ray: 67ca4ca0ee250631-FRA
expires: Fri, 23 Jul 2021 07:12:07 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965

43 B
528 B

49ms
48ms

Image
image/gif

88.212.201.204

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN (),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 09 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//www.rt.com/business/516638-gamestop-short-sellers-losses/;0.448916250850965
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 09 Aug 2020 21:00:00 GMT

GET
H2

200

661146009
www.tns-counter.ru/V13b***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009
https://www.tns-counter.ru/V13b***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009

43 B
297 B

61ms
60ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:22 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*russianrt_com/ru/UTF-8/tmsec=rt_total/661146009
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 6036df8c20302710027b73fe.JPG
cdni.rt.com/files/2021.02/l/ 69 KB
69 KB 115ms
114ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2021.02/l/6036df8c20302710027b73fe.JPG
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 30ffa528c2265a5b93b002af7b7a4dc66227facb219bf41c0053e417da86275d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:22 GMT
last-modified: Wed, 24 Feb 2021 23:21:48 GMT
server: nginx
etag: "6036df8c-11507"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 70919
expires: Wed, 10 Aug 2022 15:36:23 GMT

GET
H2 200 player.css
cds.connatix.com/p/126004/ 53 KB
8 KB 31ms
31ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/126004/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b8b19af75b77e8d96706f9c314513e0a15cd1093c3c59a0bb99c8ba2839ffebf

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 18:27:55 GMT
age: 24609
etag: "c6e2d0f7624aab499fbb112163409456"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 8234

GET
H2 200 json Show response
trc.taboola.com/rt-rtcom/trc/3/ 4 KB
2 KB 189ms
187ms XHR
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/rt-rtcom/trc/3/json?tim=17%3A36%3A22.060&lti=deflated&data=%7B%22id%22%3A804%2C%22ii%22%3A%22%2Fbusiness%2F516638-gamestop-short-sellers-losses%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1628596415650%2C%22vi%22%3A1628609782057%2C%22cv%22%3A%2220210810-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5189%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22Newsroom%22%2C%22orig_uip%22%3A%22Newsroom%22%2C%22cd%22%3A2228.484375%2C%22mw%22%3A853.234375%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 452dca1d1185b2d864184bf3b49b4826feeb27ffe67a138123dad66fdc1f7770

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 112
date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
server: nginx
x-timer: S1628609782.107707,VS0,VE112
x-served-by: cache-fra19172-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.rt.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202010011.44.js Show response
widget.perfectmarket.com/rt-rtcom/ 112 KB
31 KB 58ms
58ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/rt-rtcom/pmk-202010011.44.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/rt-rtcom/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea7dfcdc42377aef75d4ce41c49630d0ceb149b92d681d928909034c40151fd0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hw2fxI8WJmwzAcKOTRH3wVQXWIALHeO3
content-encoding: gzip
etag: "677e712599d1f9f44423c57eced6dec7"
age: 5379461
x-cache: HIT, HIT
content-length: 31159
x-amz-id-2: XTHSBxMHcqZUUr2K9JJRBpSbne0aTHc2YmrHuGx/tJQtbGmmgFHSF2893C3J7RaTTDiJicXl9MA=
x-served-by: cache-sna10730-LGB, cache-fra19125-FRA
last-modified: Wed, 25 Nov 2020 05:58:04 GMT
server: AmazonS3
x-timer: S1628609782.100818,VS0,VE0
date: Tue, 10 Aug 2021 15:36:22 GMT
vary: Accept-Encoding,,
x-amz-request-id: F910W3X7JBNJ9T4E
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 26

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame 83E1 2 KB
2 KB 622ms
178ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 6a14c5ffe3de43da3a2c7f52c28be717f0722545756e941f2ca08e3c337162f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 400 beacon
beacon.tru.am/ 31 B
0 154ms
128ms Fetch
text/plain 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5OiosxjZgR%2FN5IAuXKV0HB%2FvmtXTTz7PmbLR6P2rcvoU3jyp9KZ6qSPIqoJ0JOC92zi4rR6ppDFclYHMni9AYzw%2BvVAclNizgsHQXcgLCQn%2FqJCwZRE0Tf7VqIBxUw%2F6wtxDwh%2Bj3zH63g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 67ca4ca24ac54ec1-FRA
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on...
https://sb.scorecardresearch.com/b2?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20o...

64 B
330 B

108ms
108ms

Image
image/gif

54.192.219.37

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&c7=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&c9=
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.37 , United States, ASN (),
Reverse DNS: server-54-192-219-37.mrs52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
via: 1.1 d0945be30f5a4a7ae05683911a5fea2d.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: oZTCWa3VNR3MRju8WJ2g_0IPayrK3tJ1oGhsakJEzhHxWiNAZlqAIA==

Redirect headers

date: Tue, 10 Aug 2021 15:36:22 GMT
via: 1.1 d0945be30f5a4a7ae05683911a5fea2d.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=17935924&ns__t=1628609782117&ns_c=UTF-8&cv=3.5&c8=Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%20%E2%80%94%20RT%20Business%20News&c7=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&c9=
content-length: 364
x-amz-cf-id: ydNvjJtqRbENyAjGS_Eg6XUfYAg1E_o3bpr18_KhxVuSeHmFccPwUw==

GET
H2 200 widget-5-5c62e1ffd152.js Show response
widget.sndcdn.com/ Frame 36E7 7 KB
3 KB 209ms
72ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-5-5c62e1ffd152.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa715b659ac04819187bf153e25b5f6230dafc5870bd4ad5a91a93b5c7c264f3

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:49:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2425635
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 13:40:06 GMT
server: AmazonS3
etag: W/"25f9c74db32b990cf8f84283875344e1"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: _MPwL62FKXf7qsD_DBmr_6sctDV5OQf5
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: HNpx26V0pdsFxhvUsdeWDtGXmJWw0uJpn7AvT8zSAjh_andLcceFpA==

GET
H2 200 widget-8-555fa43e9b77.js Show response
widget.sndcdn.com/ Frame 36E7 2 KB
2 KB 210ms
73ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34d6478be15fadde340d9ac03791342358e96990e23fadba6f6288cd008bf2ea

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449267
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:25 GMT
server: AmazonS3
etag: W/"c106e89ce827e527576d34d6a98a21cd"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: aE89HkcObwvbXFZuxAeiPgBOWAYUhjs.
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: tUqnjLK3zTi_eW6bDKkPa72qit8iSEA4B_MxoDpwAn1XM1PoPaalzg==

GET
H2 200 widget-9-945f28c53669.js Show response
widget.sndcdn.com/ Frame 36E7 1 MB
309 KB 238ms
100ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-945f28c53669.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60ea776b54fc7245919c6dc6dd8bc09e9f6fa90d815e3959794bcfa21dc1cba1

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449267
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:25 GMT
server: AmazonS3
etag: W/"230b8fbd8f1b5bd64461c321d44b0297"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: F8tXdUnDKWe6tjcdxJhE883a02EjPNMz
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Poe3E-ZTFdwoawg3VxBdnAqhPzbNdk9OuiFtTBf0mJeiB0qoE1RgGQ==

GET
H2 200 widget-5-5c62e1ffd152.js Show response
widget.sndcdn.com/ Frame D814 7 KB
3 KB 334ms
197ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-5-5c62e1ffd152.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa715b659ac04819187bf153e25b5f6230dafc5870bd4ad5a91a93b5c7c264f3

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:49:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2425635
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 13:40:06 GMT
server: AmazonS3
etag: W/"25f9c74db32b990cf8f84283875344e1"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: _MPwL62FKXf7qsD_DBmr_6sctDV5OQf5
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: WQ6Ougn0xe2Pfg4NW4Hy8x_Avx-2K0nA4Vt3CCCUVQwRLHW0DWr7Kw==

GET
H2 200 widget-8-555fa43e9b77.js Show response
widget.sndcdn.com/ Frame D814 2 KB
2 KB 363ms
226ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34d6478be15fadde340d9ac03791342358e96990e23fadba6f6288cd008bf2ea

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449267
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:25 GMT
server: AmazonS3
etag: W/"c106e89ce827e527576d34d6a98a21cd"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: aE89HkcObwvbXFZuxAeiPgBOWAYUhjs.
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 7cACm6_BzimdGYWiQAIMgletzDvmxc0M8M2RaKc095fKhXTe1S3ZGw==

GET
H2 200 widget-9-945f28c53669.js Show response
widget.sndcdn.com/ Frame D814 1 MB
309 KB 336ms
199ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-945f28c53669.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60ea776b54fc7245919c6dc6dd8bc09e9f6fa90d815e3959794bcfa21dc1cba1

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449267
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:25 GMT
server: AmazonS3
etag: W/"230b8fbd8f1b5bd64461c321d44b0297"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: F8tXdUnDKWe6tjcdxJhE883a02EjPNMz
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: jRv6FlrwGA2dcVXojTJkeuoQEHh19sMPuI7j6W9Ht1L154uvZWtOsA==

GET
H/1.1 200
OK jsapi.v5.3.0.en_US.js Show response
static.mixi.media/static/jsapi/ 239 KB
70 KB 275ms
102ms Script
application/x-javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/92027.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 9b01d2160fc4faa66e40f8a86b7d81ca0c0c9e14969987a793ba1aec17b7231a

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jul 2021 14:20:09 GMT
Server: nginx
ETag: W/"60e5b819-3ba1b"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 244ms
104ms Script
application/x-javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/92027.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: 382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 20:46:02 GMT
Server: nginx
ETag: W/"610afc8a-133b9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 324ms
150ms Image
image/png 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=92027&siteid=47215&bw=1600&bh=1200&rnd=2666092332168
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Target-Version: 2
Date: Tue, 10 Aug 2021 15:36:22 GMT
X-Target-Final: 20210810183622-0
Server: nginx
X-Target-Host: target2-1.ssel25
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00042
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Tue, 10 Aug 2021 15:36:21 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 60ms
58ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 5601
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1628609782.285770,VS0,VE0
date: Tue, 10 Aug 2021 15:36:22 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 32665

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
978 B 60ms
59ms Stylesheet
text/css 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 26460
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1628609782.286172,VS0,VE0
date: Tue, 10 Aug 2021 15:36:22 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 234532

GET
H2 200 tfa-eid.20210810-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 63ms
62ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210810-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00a04aa8b5c1edcb39a4dd34121a4779adccc0a33c6c337da5eed7525b2304ce

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 469iDzBKfyS3NJzBr.EjDuxDqjBa24Cu
content-encoding: gzip
etag: "a7d0fee224e5d57efa1bba0d46ccfb10"
age: 14071
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5061
x-amz-id-2: MCrZZabU1daEbWFMZY0CcjDFlbCLjKEYSRrWFnD1uYwv3mHoQqerE8lFUxn8fhaaCdF6X6mmJjY=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 10 Aug 2021 11:41:42 GMT
server: AmazonS3
x-timer: S1628609782.288758,VS0,VE0
date: Tue, 10 Aug 2021 15:36:22 GMT
vary: Accept-Encoding
x-amz-request-id: VMN9FYX7614339GK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 65247

GET
H2 200 sha256.20210810-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 62ms
62ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210810-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55728f81d691005b6eefd01424f0ae5051df5ec5664d9600aae376c1835735ea

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rJnH9vSvryxFnzFKaxd86y5tCEuLwSJl
content-encoding: gzip
etag: "3e2d6f0ce852cbec0cbed3bf82abbf26"
age: 14059
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: Z9QkoFUEIhx8WOcZFwvuCJAIBnu8BlveQ55xP8MoGH38Cl2JAGcxbZKkFBIvQDW3kXsNtTgUQ2o=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 10 Aug 2021 11:41:54 GMT
server: AmazonS3
x-timer: S1628609782.288745,VS0,VE0
date: Tue, 10 Aug 2021 15:36:22 GMT
vary: Accept-Encoding
x-amz-request-id: R2Y8CT99KBA29GQX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 62697

GET
H2 204 debug
il-trc-events.taboola.com/rt-rtcom/log/2/ 0
90 B 369ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/rt-rtcom/log/2/debug?tim=17%3A36%3A22.261&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&id=7734&cv=20210810-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 89945

GET
H2 204 social
il-trc-events.taboola.com/rt-rtcom/log/3/ 0
230 B 352ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/rt-rtcom/log/3/social?route=AM:IL:V&lti=deflated&ri=5622537a5d72ff075a5c1b69e3bf308a&sd=v2_deb38483c69e7a17717d85c6cd92733e_8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276_1628609782_1628609782_CNawjgYQwus9GKnC1IWzLyABKAEwvwE4krUNQKidEEie4tgDUN_zLVgAYABosa_ptcr9986tAXAA&ui=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&pi=/business/516638-gamestop-short-sellers-losses&wi=7253962610605077097&pt=text&vi=1628609782057&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Short-sellers%20lose%20another%20%242%20BILLION%20on%20GameStop%20as%20independent%20traders%20take%20on%20Wall%20Street%20again%22%2C%22sec%22%3A%22business%22%2C%22aut%22%3A%5B%22RT%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcdni.rt.com%2Ffiles%2F2021.02%2Farticle%2F6038d2682030273bae5dcc19.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A36%3A22.279&id=9395&llvl=1&cv=20210810-9-RELEASE&
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 10 Aug 2021 15:36:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 66ms
65ms Script
application/javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CO_wAhIkZmQ3NTE3MGMtNzZmOS00NDI1LTg1Y2QtNWM3OTEwN2JmZDUxGPPC1IWzLyIkYmJmYTQ0YTQtNzE3ZS00NGVhLWFjYTgtZTBkMmI5YWE4YWJk&cb=_callbacks____0ks687qnk
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: d4fb0d427ce09b9ae2ffd00c427fb2da298e16bb30cf77a3de7d6b30ad21e322

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame 36E7 4 KB
4 KB 186ms
63ms Image
image/png 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 23:32:02 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 4118661
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Wed, 23 Jun 2021 09:05:31 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: aFv7dm.QM9IMcVqK5hx4DbvjfyjOX3wq
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: fxhxje8hEl6M816C7o0ETCyvYcQ6tMw45jE2jm8cXQO8xt6Zo0F_Lg==

GET
H/1.1 200
OK 560958-434058-234215-438799 Show response
api-widget.soundcloud.com/assignments/ Frame 36E7 557 B
1 KB 220ms
95ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/560958-434058-234215-438799?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

f4d9115104dc3086ffd82eba09aca64df61b5614cc9beedc2f3716455a2bceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 171
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: oQWWHsWzXoEKJzLu-0uHWFzvp6h8SDxuzkjKyO4Q_52DAGjNIOUV2Q==

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 2 KB
2 KB 147ms
146ms XHR
application/json 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 5c4092ea428668798f9b1c2acf0b246f7c96c2012a055f0f2cb29c65eea38e86

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:22 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.rt.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads4-3ssel30

GET
H/1.1 404
Not Found /
mixi.media/cookiematching/ 0
0 192ms
65ms Image
text/html 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGZkNzUxNzBjLTc2ZjktNDQyNS04NWNkLTVjNzkxMDdiZmQ1MRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjI4NjA5NzgyMTMxGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGJiZmE0NGE0LTcxN2UtNDRlYS1hY2E4LWUwZDJiOWFhOGFiZBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1628609782599
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 192ms
64ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Tue, 10 Aug 2021 15:36:22 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame D814 4 KB
4 KB 62ms
61ms Image
image/png 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https://soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 23:32:02 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
age: 4118661
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Wed, 23 Jun 2021 09:05:31 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: aFv7dm.QM9IMcVqK5hx4DbvjfyjOX3wq
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: OeU1b5Y5W7EOErXlQNzDVu5k4t9qHeQFi8_e1Tmen2MeIMeaoB9-GA==

GET
H/1.1 200
OK 282408-378851-805029-731640 Show response
api-widget.soundcloud.com/assignments/ Frame D814 511 B
1 KB 224ms
95ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/282408-378851-805029-731640?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 131
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: doJKN0fuGlc1CN8IHZ-9xOUp4TV2RKUFDr-W0X4PnB1ilLIByBDvDA==

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 149ms
149ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 294ms
171ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

cb43e017223e2a531fa7b866d1968ec3a68cd52ccf5849a282de351aa3cd56ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 986 of 1000 / last-modified: 1628593736"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25142
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:22 GMT

GET
H2 200 5_media.bin Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 280 B
494 B 101ms
31ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/5_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 205d7f8f1f9fe59b6b690ee1587310a5a07d8984f2f0f396ca902678575c66f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:28:52 GMT
age: 1084303
etag: "a9e0435371b1c040a9bab4ed843fb415"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 256

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 83E1 341 KB
118 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120564
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:22 GMT

GET
H/1.1 200
OK 9276309.jpeg
static3.mixi.media/img/120x68/ 5 KB
6 KB 238ms
67ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/120x68/9276309.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: a44a3392430e257a20543b7bb315df373b17dcc7e3b2ad2314bec8b2386b1c64

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Last-Modified: Tue, 10 Aug 2021 05:18:57 GMT
Server: nginx
ETag: W/"61120c41-16151"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5561
Expires: Thu, 10 Aug 2023 05:19:14 GMT

GET
H/1.1 200
OK 9276287.jpeg
static7.mixi.media/img/120x68/ 5 KB
6 KB 242ms
67ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/120x68/9276287.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 98f28ffb9107b22e4190592ea281c151371017f1f34aefb9fdfda522070a893b

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Last-Modified: Tue, 10 Aug 2021 05:09:35 GMT
Server: nginx
ETag: W/"61120a0f-14e05"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5538
Expires: Thu, 10 Aug 2023 05:09:44 GMT

GET
H/1.1 200
OK 9276286.jpeg
static4.mixi.media/img/120x68/ 4 KB
4 KB 238ms
65ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.mixi.media/img/120x68/9276286.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 7ec3ce8433295d9af76d8559fe5ca991051401c64fa781365c94f9edf7c2fcdc

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Last-Modified: Tue, 10 Aug 2021 05:09:20 GMT
Server: nginx
ETag: W/"61120a00-d086"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4103
Expires: Thu, 10 Aug 2023 05:09:52 GMT

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame 36E7 4 KB
3 KB 136ms
136ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//soundcloud.com/rttv/boom-bust-russia-forges-closer-us-oil-ties-inflation-gripping-china&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

a6667b45713f6bd87b9a24bff242adcf81dc97a7b917377ec362dd32547a6fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:22 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 1897
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: --fu_KYSMX-hSz99QG3rl9SUw9pxhsZCTyRe8IWaEZypsEp5AHowUA==

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame D814 4 KB
3 KB 181ms
180ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//soundcloud.com/rttv/dennis-miller1-dorinda-medley-on-her-new-book-make-it-nice&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

b00c0eaa396353b0a6527744862873326180d3659b94aa38658017dfc6f234e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 1668
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: OtIAh7cRScniaBvv-sCVnS7UIfEn-1Ya2TdLsGgAj6Ck09sY6Qwv-g==

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 192ms
191ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 334ms
146ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3-29 200 bridge3.474.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 50DF 579 KB
190 KB 20ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.474.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194966
date: Wed, 04 Aug 2021 15:34:46 GMT
expires: Thu, 04 Aug 2022 15:34:46 GMT
last-modified: Wed, 28 Jul 2021 15:30:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 518496
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 83E1 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 83E1 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.474.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A179 579 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.474.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194966
date: Wed, 04 Aug 2021 15:34:46 GMT
expires: Thu, 04 Aug 2022 15:34:46 GMT
last-modified: Wed, 28 Jul 2021 15:30:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 518496
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bridge3.474.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D9DA 579 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.474.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194966
date: Wed, 04 Aug 2021 15:34:46 GMT
expires: Thu, 04 Aug 2022 15:34:46 GMT
last-modified: Wed, 28 Jul 2021 15:30:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 518497
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1_th.jpg
img.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ 11 KB
11 KB 54ms
32ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/1_th.jpg?crop=407:229,smart&width=407&height=229&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a3669e0cd9ca45b4909d892a3d4a011bac0af33b175db75dafd252199156c2c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
age: 1689112
etag: "cWmmkumQDE5dHH1Tt9Xl1hT8TO5wAPky20wbdKXNJtM"
access-control-max-age: 86400
fastly-io-info: ifsz=104321 idim=2560x1440 ifmt=jpeg ofsz=11271 odim=407x229 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11271

GET
H2 200 widget-0-62e7fd9f413b.js Show response
widget.sndcdn.com/ Frame 36E7 204 KB
57 KB 71ms
70ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-62e7fd9f413b.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64cea54e4443df86b1b5d951ed7014f6c03adae0748b9fbd83af599f738c9b79

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449268
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:24 GMT
server: AmazonS3
etag: W/"9a5bf3c04b5b82f5113d711d41f7eb08"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: O.2sBoTidS6TmVu3_sGixfo0AIlSSsds
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: OgG-IBCG1VyLnmLWrQh4HO0V5rBBZt1ju01peOTlIvjas4SRxGXHbg==

GET
H2 200 widget-1-9c0e7a8582ed.js Show response
widget.sndcdn.com/ Frame 36E7 20 KB
5 KB 110ms
110ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-1-9c0e7a8582ed.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 642360414edbbf3b377184d94cc5ce4d197e2a723909914a2831556ac7944981

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:09:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2431611
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 12:04:21 GMT
server: AmazonS3
etag: W/"901adcbfd900cf745877e56d4d5c36c1"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0EDeoLgtmhjQF_wEQKopL9E70NrcjzUI
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: szf5BAeA3DJDF-IbCDWcDJ2GG8Fm6xOR97XAeLyVuaOyByPhAZZXaQ==

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E51F 36 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Aug 2021 16:10:08 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 40A0 36 KB
12 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Aug 2021 15:44:59 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3E56 36 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Aug 2021 15:44:59 GMT

GET
H3-29 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
114 KB 142ms
74ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 306 B
177 B 139ms
71ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.rt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a44682aa3fdacbd02411548399f1e854028ff1180f7ea7e2e1e2d298e3249ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H2 200 widget-0-62e7fd9f413b.js Show response
widget.sndcdn.com/ Frame D814 204 KB
57 KB 65ms
64ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-62e7fd9f413b.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64cea54e4443df86b1b5d951ed7014f6c03adae0748b9fbd83af599f738c9b79

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 10:48:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 449268
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 05 Aug 2021 10:44:24 GMT
server: AmazonS3
etag: W/"9a5bf3c04b5b82f5113d711d41f7eb08"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: O.2sBoTidS6TmVu3_sGixfo0AIlSSsds
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: knofE8EQwjclG-bKDnHQomy7nESNS9fr-BvQ2JPW_BXGZJJijk_XMg==

GET
H2 200 widget-1-9c0e7a8582ed.js Show response
widget.sndcdn.com/ Frame D814 20 KB
5 KB 77ms
77ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-1-9c0e7a8582ed.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-555fa43e9b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 642360414edbbf3b377184d94cc5ce4d197e2a723909914a2831556ac7944981

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:09:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2431611
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 12:04:21 GMT
server: AmazonS3
etag: W/"901adcbfd900cf745877e56d4d5c36c1"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0EDeoLgtmhjQF_wEQKopL9E70NrcjzUI
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 6HqmdWUzYefok2icK2O6DnH3kUUv59_LAS8Ex31mbOtA6lBIKMChkQ==

POST
H2 204 bulk Show response
trc.taboola.com/rt-rtcom/log/3/ 0
284 B 126ms
126ms XHR
image/gif 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/rt-rtcom/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628609783.352364,VS0,VE68
x-served-by: cache-fra19172-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.rt.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame 36E7 4 KB
3 KB 132ms
132ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//api.soundcloud.com/tracks/1103328121&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

5e4f5b617fb7834bc83faf9fcc20f32d01c8ba8d1d7d7aa071218d0663570e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 1897
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: RErdR9giN2eI1hMMHySucJxvHeI0o9ncV84zwxpty6192uK46z033A==

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame D814 4 KB
3 KB 216ms
216ms XHR
application/json 13.224.92.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//api.soundcloud.com/tracks/1103319568&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1628160241

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.92.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-92-56.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

b00c0eaa396353b0a6527744862873326180d3659b94aa38658017dfc6f234e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 1668
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: fSHvs_licXtMNeT6cg0J0HBki1QQYh2UhgbsDIqhtOCj2ULDFsoqAA==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 50DF 156 B
716 B 262ms
261ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8749%2FRT.com&description_url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1102633942908968&sdkv=h.3.474.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1237101124&sdk_apis=2%2C8&sid=1205B2B3-DF9B-43DA-AE2D-CD635EE24B1F&top=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&loc=about%3Ablank&dt=1628609783368&cookie_enabled=1&scor=1707785710831590&ged=ve4_td1_tt0_pd1_la1000_er273.1077.425.1377_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame A2D6
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3

668 B
749 B

60ms
60ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Requested by: Host: ruptly-d.openx.net
URL: https://ruptly-d.openx.net/w/1.0/jstag?nc=144751494-RT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 153eb9e02d8ed1d473a48099a28d201974cb80e1b43d4802d1457f95dd9431fd

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2a4fb5e9-28a0-058d-0f24-b0bef73a3a87|1628609783
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2a4fb5e9-28a0-058d-0f24-b0bef73a3a87|1628609783; Version=1; Expires=Wed, 10-Aug-2022 15:36:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628609783|gekin0vNiygu; Version=1; Expires=Wed, 25-Aug-2021 15:36:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Aug 2021 15:36:23 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=2a4fb5e9-28a0-058d-0f24-b0bef73a3a87|1628609783; Version=1; Expires=Wed, 10-Aug-2022 15:36:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
date: Tue, 10 Aug 2021 15:36:23 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 64ms
64ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Tue, 10 Aug 2021 15:36:23 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
853 B 136ms
48ms Script
application/javascript 2a00:1450:400f:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.rt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 401ms
400ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2858366131693630&correlator=1990023211317776&output=ldjh&impl=fifs&eid=31062072%2C31062188%2C31062203%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210810&iu_parts=144751494%2CRT_EN%2CEN_BILLBOARD%2CBUSINESS&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C970x90%7C970x200%7C970x250%7C728x90%7C1228x90%7C1228x200%7C1228x250%7C1240x90%7C1240x200%7C1240x250%7C1488x90%7C1488x200%7C1488x250&eri=1&cust_params=Section%3Dbusiness%26subsection%3D%26Page_type%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1628609783&dt=1628609783430&dlt=1628609781275&idt=2111&frm=20&biw=1600&bih=1200&oid=3&adxs=180&adys=152&adks=1624839184&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1240x0&msz=1240x0&ga_vid=869823800.1628609782&ga_sid=1628609783&ga_hid=1015800320&ga_fc=false&fws=4&ohw=1240&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

62599bca8bdfadadd9829a129c3ec8f948ef78cc8f5812ca6ffd0ce749163d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8619
x-xss-protection: 0
google-lineitem-id: 5112296334
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351359568
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9514 6 KB
3 KB 61ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 10 Aug 2021 15:36:23 GMT
expires: Wed, 10 Aug 2022 15:36:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 YoaHvTwhzbPC_m.json Show response
wave.sndcdn.com/ Frame 36E7 6 KB
2 KB 186ms
58ms XHR
application/json 65.9.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.sndcdn.com/YoaHvTwhzbPC_m.json
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cb8f4223d001f1e3235cb74d09e952217df7a067f1fb723b6b5720bda52ab92b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:46:53 GMT
content-encoding: gzip
age: 28170
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=155520000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 1932
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-id: eAdjHa7ArH3NillZ7YTDfyx7LFkzWC6zyV2MmhzL_Oisy5pBaWUWkg==

GET
H2 200 artworks-0mc84y2NzBm6vulW-1IVlMQ-t200x200.jpg
i1.sndcdn.com/ Frame 36E7 17 KB
17 KB 218ms
78ms Image
image/jpeg 52.84.45.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-0mc84y2NzBm6vulW-1IVlMQ-t200x200.jpg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1103328121&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-48.mrs52.r.cloudfront.net
Software: /
Resource Hash: 245fe27886f6e6d08e65e41f2eb0e17efd30273699a9fe3cb0bb9ed59ffffdd2

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 06:57:43 GMT
via: 1.1 7fd2e53766edf2c95772fedd22bce34f.cloudfront.net (CloudFront)
age: 895120
access-control-allow-methods: GET
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-amz-cf-pop: MRS52-P1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id: IDBArY1NfYKQH0a0mFUlL8nK3jxvtsSS43IUo324cR4oFDEgeytI-Q==

GET
DATA 200
OK truncated
/ Frame 36E7 725 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0110b17fc4f574b960bb8bf1729e64992d215f27ab8a58e169e86e2ca046aec0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 36E7 43 KB
43 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Origin: https://w.soundcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
H/1.1 200 92026.js Show response
mixi.media/data/js/ 4 KB
3 KB 139ms
138ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/92026.js
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: a7f8acd4db4af0901f21e78ab396afd16ca6b6db8b6b98e727e3b1bada4914f1

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:23 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 602fb3d1203027061335c33f.JPG
cdni.rt.com/files/2021.02/xs/ 13 KB
13 KB 46ms
44ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2021.02/xs/602fb3d1203027061335c33f.JPG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ab17ddac12b7de4011d5d291708a4890367684178de570623362a3316033549a

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:23 GMT
last-modified: Fri, 19 Feb 2021 12:49:21 GMT
server: nginx
etag: "602fb3d1-34ca"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 13514
expires: Wed, 10 Aug 2022 15:36:24 GMT

GET
H2 200 5f042bf385f54052380568d5.jpg
cdni.rt.com/files/2020.07/thumbnail/ 15 KB
15 KB 116ms
114ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2020.07/thumbnail/5f042bf385f54052380568d5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 45a4e4446e78289f9dd2218b0a590e48c6065dab0675dfbf5b5a02aa9b9d2864

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:23 GMT
last-modified: Tue, 07 Jul 2020 08:01:55 GMT
server: nginx
etag: "5f042bf3-3b2f"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 15151
expires: Wed, 10 Aug 2022 15:36:24 GMT

GET
H2 200 5f672e4085f540436a502a82.jpg
cdni.rt.com/files/2020.09/thumbnail/ 12 KB
13 KB 130ms
129ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2020.09/thumbnail/5f672e4085f540436a502a82.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2a4a64c9a77edfde7faedb906007d3acde8a69fb884ec4659c18fbcad7b4cbc8

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:23 GMT
last-modified: Sun, 20 Sep 2020 10:26:08 GMT
server: nginx
etag: "5f672e40-31d0"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 12752
expires: Wed, 10 Aug 2022 15:36:24 GMT

GET
H2 200 5f917d3d2030271826689244.jpg
cdni.rt.com/files/2020.10/thumbnail/ 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2020.10/thumbnail/5f917d3d2030271826689244.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2ddc992b8d6d27d8ca637c02c5924f6e5cd41131a8e90f58e806ce0e278876b5

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:23 GMT
last-modified: Thu, 22 Oct 2020 12:38:22 GMT
server: nginx
etag: "5f917d3e-435f"
x-cached-since: 2021-08-09T08:25:43+00:00
content-type: image/jpeg
cache-control: max-age=31536001
cache: HIT
accept-ranges: bytes
content-length: 17247
expires: Wed, 10 Aug 2022 15:36:24 GMT

GET
H2 200 5fa3ebcd85f54064166e0f04.jpg
cdni.rt.com/files/2020.11/thumbnail/ 13 KB
13 KB 116ms
115ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdni.rt.com/files/2020.11/thumbnail/5fa3ebcd85f54064166e0f04.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9cef241bf695fc9dd2b515838b3155a44e8f4b6cae237037733d67fcaf87b410

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Tue, 10 Aug 2021 15:36:23 GMT
last-modified: Thu, 05 Nov 2020 12:10:53 GMT
server: nginx
etag: "5fa3ebcd-3359"
content-type: image/jpeg
cache-control: max-age=31536001
cache: MISS
accept-ranges: bytes
content-length: 13145
expires: Wed, 10 Aug 2022 15:36:24 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A2D6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e1e46112-9cf7-4c00-a3b0-7ecce02da0ce

43 B
106 B

58ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e1e46112-9cf7-4c00-a3b0-7ecce02da0ce
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 10 Aug 2021 15:38:58 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e1e46112-9cf7-4c00-a3b0-7ecce02da0ce
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 10 Aug 2021 15:38:57 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A2D6
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mlYsq5UEe66BX3_4mV8wrpoGfKGBXiShzQUMoCpg

43 B
180 B

60ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mlYsq5UEe66BX3_4mV8wrpoGfKGBXiShzQUMoCpg
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mlYsq5UEe66BX3_4mV8wrpoGfKGBXiShzQUMoCpg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A2D6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6535878542904078792

43 B
106 B

58ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6535878542904078792
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6535878542904078792
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A2D6 70 B
265 B 215ms
70ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=f9e38ab0-8127-3a7a-55f2-7856931d097a&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A2D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh&google_tc=

170 B
188 B

78ms
78ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDU4YzU5N2EtNDg1MC02NGRlLTQwMTItMjJlZjU5ZmZjNzFh&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A2D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAg3bAxz_UryOwSeegTU0Vo&google_cver=1

43 B
106 B

59ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAg3bAxz_UryOwSeegTU0Vo&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c1d98d0a-607f-4bca-9cf1-6adad1eea8e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAg3bAxz_UryOwSeegTU0Vo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B7MvFLA86rNY_m.json Show response
wave.sndcdn.com/ Frame D814 6 KB
2 KB 89ms
59ms XHR
application/json 65.9.71.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.sndcdn.com/B7MvFLA86rNY_m.json
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b1f4dad6ef0fe636cc10fc12e15f7c774083209a11075bd92fbeea4d573d363a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:21:35 GMT
content-encoding: gzip
age: 29688
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=155520000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 1921
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-id: heCvC9JloeL8aIrBUZRVooPtSD2y0q1NhFwmtcudx625kxhF2uKfYA==

GET
H2 200 artworks-YxAUq64MuUvpRilf-ByKYTw-t200x200.jpg
i1.sndcdn.com/ Frame D814 9 KB
10 KB 142ms
100ms Image
image/jpeg 52.84.45.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-YxAUq64MuUvpRilf-ByKYTw-t200x200.jpg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1103319568&show_artwork=true&color=%234ad71e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-45-48.mrs52.r.cloudfront.net
Software: /
Resource Hash: d09e255043f49dc8e8457829826dd4c4db091f857a7ca6fca26613266bd82b41

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 07:37:00 GMT
via: 1.1 7fd2e53766edf2c95772fedd22bce34f.cloudfront.net (CloudFront)
age: 28763
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: MRS52-P1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 9649
x-amz-cf-id: p12pXtHAOXTScNFwJ6rm7fDQpY2C0nPzzocAv01-UrBp-NEADdfc8Q==

GET
DATA 200
OK truncated
/ Frame D814 725 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0110b17fc4f574b960bb8bf1729e64992d215f27ab8a58e169e86e2ca046aec0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 2 KB
2 KB 147ms
146ms XHR
application/json 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: b93dc28e453320f021269ce14d25c62c8b21c3bf39557e335ce9642c0cd49c33

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:23 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:23 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.rt.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads4-3ssel30

GET
H/1.1 200
OK 9259082.jpeg
static5.mixi.media/img/400x266/ 27 KB
27 KB 271ms
100ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x266/9259082.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 09a7449f1b62dd74d9b124ec89ca3338f59e86ec8016b8e22569f9c78cdc6ad9

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:24 GMT
Last-Modified: Wed, 04 Aug 2021 10:03:24 GMT
Server: nginx
ETag: W/"610a65ec-79cd"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27372
Expires: Fri, 04 Aug 2023 10:03:48 GMT

GET
H/1.1 200
OK 9232547.jpeg
static8.mixi.media/img/400x266/ 34 KB
35 KB 271ms
99ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x266/9232547.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 8addba557956c39dfb0d04ddad5a86ef7aaec8038d7dd60ef7583cb4aea1c2c1

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:24 GMT
Last-Modified: Mon, 26 Jul 2021 14:44:23 GMT
Server: nginx
ETag: W/"60feca47-1f0ef"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35020
Expires: Wed, 26 Jul 2023 14:44:39 GMT

GET
H/1.1 200
OK 9276266.jpeg
static1.mixi.media/img/400x266/ 30 KB
31 KB 274ms
100ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.mixi.media/img/400x266/9276266.jpeg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 53ef2f1b20680799a9b9b91957b72ca5e538cc622771c99f72bf337a16545b4c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 15:36:24 GMT
Last-Modified: Tue, 10 Aug 2021 05:00:16 GMT
Server: nginx
ETag: W/"611207e0-11a31"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31184
Expires: Thu, 10 Aug 2023 05:00:33 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA93 0
0 71ms
70ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1RMQ3qIWU-Tp22ytC2WHmhz_XaKIrmAO6793xmS2WpyrM6HargojRQQL_XwKrJx54NJShflVSSLrs-5hsSuil2EirMtN2QdBS-zjWzUXTwoTIBozfM0IH4X8MAiARwkbxA8FFsumDuTBk8BlIY7OHzxwv3eQpWoa8Ah7WVTh1C1zvktYWmpFMFc6Fn9RDPvvs8FFB7URm95VPcmBjuOJU4Ox6EfcpHfUfTPKjieuIq4IgDPpj9t7pe7FpXfz5cm_5ajn5oFwophpWXiyigQ52ttQehrn6J7cVIkFhftWUhIxLWTMazLm_OAMpcn9DCEUIB2o4CBTwTdr0q9WlDReimAl_hiDFrFgmJVddPzzn8DsEIyRR3g&sai=AMfl-YTNLQvuMmQNYW9M2aKPhdAViDRcR1H3e1_HNIo48OihBN3OEtODA8bqultJCo9zLMgh-ZneSATx2O_MsIxCAxdsLCXXUxQ0CTiq8kkfsJFoIZ_2Xa7Za8lNW6rNqgcv&sig=Cg0ArKJSzGBT9oT9jyb6EAE&urlfix=1&adurl=

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA93 124 KB
37 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 74ms
74ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

298297a283ef32eec9bb54897d146afbd4098f1b1b4bf42b3982108cbf87df12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0

GET
H2 206 16479852722086630351
tpc.googlesyndication.com/simgad/ Frame CA93 451 KB
451 KB 10ms
9ms Media
application/octet-stream 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/simgad/16479852722086630351?

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fd7d87f7206afb6b809a80f43ee5e7b2c9678303e267148769245fd66ee72b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 05 Aug 2021 07:37:28 GMT
x-content-type-options: nosniff
age: 460735
x-dns-prefetch-control: off
Content-Range: bytes 0-461857/461858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 461858
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 12:31:44 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 07:37:28 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.rt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rt.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 390ms
389ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2858366131693630&correlator=943366562686490&output=ldjh&impl=fifs&eid=31062072%2C31062188%2C31062203%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210810&iu_parts=144751494%2CRT_EN%2CEN_SIDEBANNER_1%2CBUSINESS&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x250%7C300x600&eri=1&cust_params=Section%3Dbusiness%26subsection%3D%26Page_type%3D&cookie=ID%3Df240365af5fd2c4e-2297e03a9cc8003c%3AT%3D1628609783%3AS%3DALNI_Ma_BHgSCyugUl_1_B8ROKHt8WzKiw&bc=31&abxe=1&lmt=1628609783&dt=1628609783872&dlt=1628609781275&idt=2111&frm=20&biw=1600&bih=1200&oid=3&adxs=1033&adys=305&adks=3698597948&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=386x0&msz=386x0&psts=AGkb-H9OHkmv2cy8E2DmIutpdpk6vTumFAoubGk8GQEvEmncd-bflvB77CTx_s716pP50mFeIoPfNSoBZp2wZdT9wfljaiznVg&ga_vid=869823800.1628609782&ga_sid=1628609783&ga_hid=1015800320&ga_fc=false&fws=4&ohw=386&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

15ac8a62d6a18ea8ee5a34000d75d41ccfae2bb9d68c074f61bf2f077ce812a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8647
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rt.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CA93 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e801554ae5f3c178c9486025670386126a2895a18ed7b8a321ccebb7622946fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA93 0
0 72ms
71ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0nJhnSBSgz5PdlSGw5NHieP8mSt8DCLutqtGCQljFxrNCK3Sw8MqkFpBqQygEWRcFu9U-wTRqqzKqoKHn4H6MO55pxjQKWA9Nn_RtNw6WiFF3LGrN76KxpRuDKYByvjJ2ZC_HkZp-POcMybZ1BNk9Trv8mdi3Ch8fBT716JI3WlXCE4DXqEilCqNaw1w8Bfcm0vGdI8umWZi_umj2tpxvqOM8tMnQ05cQ7_sjEZ1lAuaVj0p8RHSZH4wMeI7z4LnCENN0CbL0cop2kHdmTXJfMtDEak0Gr6DFUMVCaVf0-zaBlRFmTQ3pu56i0eMKrzZXT8nDOhLwl1nSUow&sai=AMfl-YQ5BsczZzDmsFE6g_iOY3oNL68hJLdTiPEt-7k4l7pkvbR4obrXi4I4oX6LklHBUDc2zJckjYR5bdo003deyVJ1dHwL3mWBoyKjS4DNLAcUhaH4lvxq812Z4JhAPPJ-&sig=Cg0ArKJSzJU6kMGF5VN0EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 83E1 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:23 GMT

GET
H/1.1 200 jsapi Show response
mixi.media/newdata/ 27 B
1 KB 138ms
137ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=viewability&payload=EjEIgP2UBRj7zgUgLjIkMmFlNjMwNjItYWU5ZC00YmExLTk2MGMtM2E4NjEwOTI2OGFj
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: a498f099f3222360113678dafd9646d1dc360e4cdc213bec664b07fb27f93b1c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:24 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
X-Node: ads4-2sselp12

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A179 156 B
142 B 228ms
227ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4066953294270495&cust_params=domains%3Dwww.rt.com&vad_type=linear&sdkv=h.3.474.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=630346545&sdk_apis=2%2C8&sid=26AAD8CB-0A4F-4F9B-9F81-4877EF77D3E9&eid=44737473%2C44744588&top=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&url=https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F&loc=about%3Ablank&dlt=1628609781523&idt=1756&dt=1628609783987&cookie=ID%3Df240365af5fd2c4e-2297e03a9cc8003c%3AT%3D1628609783%3AS%3DALNI_Ma_BHgSCyugUl_1_B8ROKHt8WzKiw&scor=2310554937103501&ged=ve4_td2_tt1_pd2_la2000_er363.1077.515.1377_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1BE2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 10 Aug 2021 15:29:08 GMT
expires: Wed, 10 Aug 2022 15:29:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A63 783 B
532 B 27ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e70e4c1c5fe049617156d765cc404e7464f18b07ef193cd51920f3ba0c1346d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N6a/nLAKIyNO5k5Ku0EL/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

expires: Tue, 10 Aug 2021 15:36:24 GMT
date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-N6a/nLAKIyNO5k5Ku0EL/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BE2 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 481776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:46:48 GMT

GET
H2 200 json Show response
trc.taboola.com/rt-rtcom/trc/3/ 13 KB
5 KB 429ms
428ms XHR
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/rt-rtcom/trc/3/json?tim=17%3A36%3A24.046&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A673%2C%22ii%22%3A%22%2Fbusiness%2F516638-gamestop-short-sellers-losses%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_deb38483c69e7a17717d85c6cd92733e_8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276_1628609782_1628609782_CNawjgYQwus9GKnC1IWzLyABKAEwvwE4krUNQKidEEie4tgDUN_zLVgAYABosa_ptcr9986tAXAA%22%2C%22ui%22%3A%228f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276%22%2C%22uifp%22%3A%228f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276%22%2C%22lbt%22%3A1628596415650%2C%22vi%22%3A1628609782057%2C%22cv%22%3A%2220210810-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.rt.com%2Fbusiness%2F516638-gamestop-short-sellers-losses%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5916%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-anew%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2318.796875%2C%22mw%22%3A853.234375%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 714a02bedd57b25b4f6788f568b9c56d2d1f400d83ac9a8e5a3f4b0f269a93ee

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 370
date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: gzip
server: nginx
x-timer: S1628609784.077853,VS0,VE370
x-served-by: cache-fra19172-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.rt.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080501&jk=2858366131693630&bg=!HxylHFjNAAbOj6irzo87ACkAdvg8Wi-Tk16OfP1_bT0ihY6qZc2n8bd8yVUgHw9dpObNOs66l-o15wIAAABpUgAAAAxoAQcKAQ7gu5Nbe0XHycd-VU_umHnNEMGn1zgidYf22F2BBNMk0sdopT7oTbK8XZ0Q4lg0Pz9pd4LUCNHzWez5LFCPIN6VNrxhS45Qp6vQ96l2KSxhJqG_KWvfuNowuHPnmDdeHEGI716UDzRna0tRC6MRAO5Fg8zdgA-XSoI0_syu_iyG1ES_XWBbVgFqXdiJdcQUb8TQhuI8PhttYocahOIFcpD78V1gr4iX-_PiqA1ZLvv1THyZi2uTfHmWBI0ASkZZl40fvEkxnkGBM7bgpoJ9L84Hv3F_pg8ebw4aHvNc9MpOZtasxJoSRShjmn-c9FvNbHZh7kKoAnbChnEz2yOI8pwZ98dNTMaepDFWQvO259yZAmuBXRXsN6qQs_f9e7T58B-yz3YJrLYTIEZuwrAsUGbHkyWXaZapF0ArN-p07ni4VjxtQxo3opI8AEzMYOMfNBAS0PSee0wza4Ia8Y8v_yqS1VgFUOBOcttHVXO53kGMa2g0YOkZmtAfgqv2ZVheBrA7ignIHE86T4dLli1Zi4mMBUsCrNA_inSkYr2NYfjuIUBsb7sJ3cZZqI8qkUFD_7x3WYJ5pDDRHB7j0QJeBg59QBrXH9qWT-BsExE6L2xHL1Ls8j8GK47sXmCbt6hoKM_UvJrjnS_st-YNpf39zNZ6WZKgK8AUBcJvKOglfbH-UxtkDFC7HU22eb3eIgYMpgRN74TMfd8Tevib8szRtZ9Sq2PpyU7LarlS1sI9QoBZPI_nHi0zf5BQdbO8bUhh94mvPKu9scr2_w3N2LyjJrdLYPl88ud0-tbownYn5e1QvXfUrfcGqNmLRa56job06y8zx8XAuMj34k6jjILmtY-VAZu6qnWnyiNogGSLl4-Nj0JlrBRWfyM3wizQGCn-rKSeR130eBJV9l4dxHkflN6ygNKnob69OtaehDxDjKfhrhQ3JnueYWPOZqbSt-1RK62u9fTrB0MSReBHG7nEh4-2lSU81c3S-2oSH1f7z-t04WNcQ6lYG2dUCyR8TcdfJCHvWXc48CWTqXcAFN4RzJthZ0SICj6T_AGPMZU4Kk0b7_9G9oYrlILea9XDB2E6-xIGxBYlFInWc9JSy52dxqaNCnSaIEGwJjRpm495tESOgkVOW-4FCjhw0hQJe658rnbv5spc1cbeMKY0ObTnsTvVMb_BrnVUVwfmanyw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 6A89 0
239 B 240ms
58ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 6A89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIjNbPfZXIiqCMcPUknE-1Y&google_cver=1

0
221 B

125ms
125ms

Image
text/plain

151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIjNbPfZXIiqCMcPUknE-1Y&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628609784.363112,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19172-FRA

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIjNbPfZXIiqCMcPUknE-1Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6A89 42 B
546 B 180ms
57ms Image
image/gif 185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:345
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6A89
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a4b74a1f-5f9f-4229-8d18-cb775de90efd-tuct80c2278

170 B
188 B

70ms
69ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a4b74a1f-5f9f-4229-8d18-cb775de90efd-tuct80c2278

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a4b74a1f-5f9f-4229-8d18-cb775de90efd-tuct80c2278
date: Tue, 10 Aug 2021 15:36:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24651

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 6A89
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=41103279-b0ce-4872-8ea7-c02eb7f61181

0
184 B

125ms
125ms

Image
text/plain

151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=41103279-b0ce-4872-8ea7-c02eb7f61181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628609784.442962,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19172-FRA

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=41103279-b0ce-4872-8ea7-c02eb7f61181
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 6A89
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

67ms
67ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 6A89 49 B
406 B 404ms
147ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-84459f4bbf-95pzl
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6A89 43 B
697 B 192ms
62ms Image
image/gif 185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 6A89 0
59 B 286ms
54ms Image
text/html 18.195.155.181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:23 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6A89
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3d1ddb19-d72e-4725-9542-c402af6b9293

0
230 B

57ms
55ms

Image
text/plain

141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3d1ddb19-d72e-4725-9542-c402af6b9293
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24646

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3d1ddb19-d72e-4725-9542-c402af6b9293
cache-control: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2951
content-type: text/html; charset=utf-8
content-length: 222
expires: Tue, 10 Aug 2021 00:00:00 GMT

GET

push
pixel.tapad.com/idsync/ex/ Frame 6A89
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOdBq2bS0lh-1IIAnSohSGwqq5I_PuyTj-P25A5g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOdBq2bS0lh-1IIAnSohSGwqq5I_PuyTj-P25A5g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=f5e7198d-af84-41c2-a2e7-c628dc67a982&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F487%2F5%2F3.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1
https://id5-sync.com/c/464/487/5/3.gif?puid=cfe04804-b36f-4753-9e61-e24c56c2f211&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDfyBjByXSl4KWXMGY4cFyM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1467449069197439855&opid=apx&ops=&utidl=tech:goo:CAESEDfyBjByXSl4KWXMGY4cFyM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19751438018&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/3/5.gif?puid=d537ecbd498c72b1af70c120744a9a89&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/2/6.gif?puid=270b208d-3e59-4ae4-b0e6-650465378775&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...

0
0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 6A89
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=e75fa94b-273f-4ac3-9e6c-6837323c0658
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk631a821d-6d33-4029-9379-c0cfb7f66be4&expires=7&user_group=5&ssp=taboola&bsw_param=e75fa94b-273f-4ac3-9e6c-6837323c0658
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e75fa94b-273f-4ac3-9e6c-6837323c0658

0
230 B

55ms
55ms

Image
text/plain

141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e75fa94b-273f-4ac3-9e6c-6837323c0658
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24666

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e75fa94b-273f-4ac3-9e6c-6837323c0658
date: Tue, 10 Aug 2021 15:36:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 6A89
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2&tbid=1eff32c6-aff1-45fd-88b6-e91348d09590-tuct80c2278&query=taboola_hm%3D56057f64-54ed-...

0
53 B

69ms
67ms

Image
text/plain

151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2&tbid=1eff32c6-aff1-45fd-88b6-e91348d09590-tuct80c2278&query=taboola_hm%3D56057f64-54ed-43af-98dd-b19db6f6e6e2&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628609785.821984,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19172-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=56057f64-54ed-43af-98dd-b19db6f6e6e2&tbid=1eff32c6-aff1-45fd-88b6-e91348d09590-tuct80c2278&query=taboola_hm%3D56057f64-54ed-43af-98dd-b19db6f6e6e2&isDirect=0
date: Tue, 10 Aug 2021 15:36:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24650

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 6A89 43 B
106 B 59ms
58ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 6A89 43 B
427 B 411ms
137ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 6A89
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

51ms
51ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN (),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 68ms
67ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 169
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19172-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1628609784.292005,VS0,VE0
date: Tue, 10 Aug 2021 15:36:24 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 1537

GET
H3-29 200 container.html Show response
459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5552 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 10 Aug 2021 15:36:23 GMT
expires: Wed, 10 Aug 2022 15:36:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F67C 624 B
449 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlkUwDoAsFX2ajV6myExv_7Gs7wsQkImJtaRI7ovx2CoOYk-l1TJCEvZFvTIGc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 10 Aug 2021 15:36:24 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 15:36:24 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5552 44 KB
22 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaNs7fE6Xd5JCF2rv9KkUWGZinY_k3qALuht8rSNf25JOLsJ_owHdMqeVsLwBqs6eZpHlZB4UVR7_g8XsejncJnaptFsAeAo9Dq4xFO_gpjXy6i4eN0yhJGRSfQXRXUSt_UKfI4Kd85i6ds9GdD1WkpwLPmg&dbm_d=AKAmf-CrjimhuUpi-zTtbI5AQU9c0zvCkZnhTeCuhNMXCs3oGl36ZUSxvPU1X80etlG1-4-8xkEaiij3EdWiYO9AE-phnduVAx1C0OH9SVPaJg-8DgCkKyx0y7rxz3d7DhO3OK9oGUagmv1avHu0Nm5-Z4dgAgDEZWUmpg3d-HMqROGeiqOidESIl_ve2VWXcPk-zLYCJl3n4cklLGirE4ygpCV5QXygrXItyhUzctLyidW8LNS9bPtpHlEDWNwTdtnNMZPGhCtl5POi-TXsxbSVcRUNUplsQ3TLc6C9OhjQGVCcQawh8734M9zgk9QacYWCYYNU1rLoczpdiLvRL0v-mV0CZAILY7zh9ebB30-hgcRadQBST4s_IRAiJ-Qk2KKGsUtpbwD8JF9K8kB-CACipjq5M4qR1GFDBN0pRMFOejI7ezlCmiVqXFwT9MY3V9dK3TTxINN0VElIqcyYB4kcVXYQFlel-J1uJgcUXfolWfO8n3ve2zoeSZNcq8GReqKb3XUj7uWpFqK3huYwKjWnR3dLoCR2GTDYDzNCYCBBMwlOrSxtYVU-1qIWvRy8RED17JF7oyq3tygj9nKXXgcKJGcR5BEv7i9QTMh7buKskcljx1g4vnXVxqnjhh_-6BYaUftLOojo9btuUKZP_721eCx5YueOZEhAZ51ok2urbVPUJXnMaZqYe7t8YgOZW_XCHMMsUYtUUCFzzsQSSzz6QEzutT7vENicaENytjbdEvPZeZhwQO1F4BJiJk_H_eIxJPg3S1eCntPo_f2kzI2G_YihbmbL0wLsTjPA88219R5rhbb8xSFS-DPcNsQGwYFyLvvbpP0s92N_X_CTLnh0mK-H3OZfyDA0EABxPkPcYVFsaFME4tbiYImMmQVKIxdK1AjlFx-xLjdaUL861-tMbotjl_wXUQQntub1Hc0kt4QE5oJZUeztiSABgATIRcBf6FGFf-MWl7zl_SoKHx7ijqgjbVqc4zusF-yBIqR80WenWycPzAm92wEz8IPXco3Yzrd5BfRIQxa5JEqf8E6JGVaKeHY2XQrI6PWkcszY_ckrlcu1s-GsHtodM1hcLNqHpJU22mRYjioJm2QTla2vTN31bnZ2nWxPnTX3EnoSJRPRMlntowc5qW0Z1Vr3sZF1hIpvfpSqx8TefbZpARemUjKZRUe8lvhNoBdurx0Rnft5G1oVirdU8slT7MVmPzOiOnORrgEhK55q3Rf2WTmDKe4iOuvzSSnkH0RCl9YsYpWC7I6SID44g-_hj-tZQmJuF47Qdbgsz4PgxkypgX1ERnZa9aD7Q5S9xyokHBDImBBPl2JLm7FzeueW4IA25T12y8VJm1Arg6Lr6Sk9PtitMJMe4TyQczM1Uap573owdm2Jf_0ACXM0asAGcqvDvOnUSByI0gXhTDiuqi4x2UO1qtPuLPysq7gjhkuDfigmNZuXt4p_gEEYa_UBg0hmRQmxEV7cEAISRPaBsiQdWhPIz7-KVI7ExI_8wph7ZJsaJftxr1IYKi0kDhQoa_ANPsj_J-KlckQ2sEWEzFfstrvRB9dfR9CYNXgU8_a_xJkoPwUHczoHlL_NnzhAv3FhgQ1a6PIUFT3c4-GFjtizP_U6I4Cd1MxOiE0svy-mVzp93uiD5PxxZLW02_x-ebRQbEWBe6NGZYq1EE9h_JZkHwqtfy_EQVhTIdVFx36pOj8Ihb9mnxJYpDEGnU8ep_Dg2G85xOnS9gCE_ISlNZhv-b93MglQQBxfv3NRpZSwZiafJY7VRP_rbLyd71WsMnVlor6RTICppKqua0n7YzJkiiq75qTW1YteYKTgV5AGA5QqatA7JgnxxvCYNsTa9UEr1hOVx9Ry2Qq5He3OrF32iURzoLLnE2RXcKS1A-NMKYewjYzT7nLW2YUGgPI_KQRvO9XlDjUp97gipLIzkoS5ijIvVMIvzJMKwLb_AmG9wyVSDfob19Je-CUMuUsOV9RyO9TWoeAv1vCjDGGyaCdZ9yhkOKJ4aWcYHxrTLYVkxTc-3qgiQ0-xAS2OI-vuTUtaW-DK5AEtnoFN-JFW1FAGqU8ku6dcKsEYznNGAwoBhs2yFWBm41OJHesG4wj_Za0VeO-aqlirOdlvAHVL-dCj0XKLfV2B9lQRFJkbqoIHEVA3tDPb9BEWp7ygx7ZUrQHbJzpGuCt6GqVk8qgJqHDmvuA4BaxQJtURRGOPJpM1BAdS4Sxf2YU86L9nqa3eNq-0F3Ey0xbXPofA16bwRVh532dM4S6v4xO6iK-XmDAAl5RUll-YGZ4Sntt0tus7FEyVzCUKXzF7nRoIyj-3ARtZ1S9aGMPNe75Grnu3PN4tH8Lnu9yj3qnC_cx07-s9VPvOsa0iS-8NUip2c8CQE1YDhCsABeOyP-dcKXV2y0EtLEXDZgK42JTi8Sim8HImF2NxW0ASFpS0l-LG4xRqTQn9hTeeDpGmggJeelpTx54nUAbIjTBOdot14DNiseuqrUwkPv7qylk4FXcz5JSIvA_S_tx3hNXyVVmFqXv0dzVfJJlsJyrKmvoeCUmqnP1o454e255e2XF6n3LLd1R9FYj4a4JDN2hMP9WnNtmWgu9cPcvYbyIT69ij3-pkOxfFzYWUxQxWu68xkBRwRfQJdCcwDF7eOwi2K_h6nRPBbU90m7V19ttaZSaT-5hUN_c3oGiysLdsIQt5qP-Ew41C3D6-7_QaZJaTFtONqMv5Pwzn9HYZUMJlLsrxB6rnqZlQwgElaCeYJQeujLXHBtwRl7f784myAjPmzMW735OT8CUgyB3PpOvhJmlK6ErSylgiYJNuyNg_9umFh6U26x_JkT5Yr6pQxXU2vo5Rk5oNqPtWiyeCKoBq_f162IC4dt3NgVt4gVbzEgmMG9VNxiW1s2SOPc0XoJ7EujCpFgG6WsyerHQ5MnMfJHH3a5Ui2oqcpSN2JjwN33sV1nwV&cid=CAASEuRoKjy7ONv6k1Y9f1RuaybvNw&rfl=1%2Chttps%253A%252F%252Fwww.rt.com%252F%240

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0c44e64c9678862ef60aa0780030e5db95031a5a55aa16e9af648a603869d92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22189
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5552 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-E_0NY10M4IHDbGctupiDphTG2DVGu-D1GRpuoVdoKQfpOVI0qdDxNKUb9LAXQ_IVhKguIMDm-AISlvrIrBWH_eFWZnMi-sIlz3OujW_63KqT6fg

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 5552 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 14:55:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5552 124 KB
37 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:24 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 5552 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 15:28:59 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F67C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&C=1

43 B
1012 B

76ms
75ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 15:36:24 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 10 Aug 2021 15:36:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F67C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRKc.I3GwKcmGYDmNsoDIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&google_hm=2

43 B
892 B

80ms
80ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 15:36:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMZt8be6SdkgUMhrislLnUE&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame F67C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDENRYLNOMxj_AHppXfb-p4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDENRYLNOMxj_AHppXfb-p4%26google_cver%3D1

43 B
1 KB

62ms
61ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDENRYLNOMxj_AHppXfb-p4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL2qIxC1myQYhu2GrwEwAQ&v=APEucNUbw9ybYR3urCqbKqmyfiKoJgUZuvRT0LfXv6DImwE9WaXs4B_iOO-x2Of_1OKHFa_bTSGkjJCkYzePVOMPKxDqn9N9WK7TX6s36qkMCeiqfmsP3ptj8ArEmFmWuFJOl7OPTqYmM-viLdLc7xHWYIIk9I6BZFemfKB2Mb2Cvna5VoNsubA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
X-Proxy-Origin: 86.106.103.10; 86.106.103.10; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6c68cf58-b762-4b48-a80f-361036d7b1e0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
X-Proxy-Origin: 86.106.103.10; 86.106.103.10; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b581fe1a-f997-46da-a350-9807cdf78f4d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDENRYLNOMxj_AHppXfb-p4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F67C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE5NTY3NjIzNDkxNjU4NTgwMg%3D%3D

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE5NTY3NjIzNDkxNjU4NTgwMg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:24 GMT
X-Proxy-Origin: 86.106.103.10; 86.106.103.10; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3ad1591a-7037-4bb7-8ef3-502efd6cceee
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE5NTY3NjIzNDkxNjU4NTgwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
237 B 20ms
6ms XHR
text/plain 2a04:4e42:3::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19180-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.rt.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame 5552 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaNs7fE6Xd5JCF2rv9KkUWGZinY_k3qALuht8rSNf25JOLsJ_owHdMqeVsLwBqs6eZpHlZB4UVR7_g8XsejncJnaptFsAeAo9Dq4xFO_gpjXy6i4eN0yhJGRSfQXRXUSt_UKfI4Kd85i6ds9GdD1WkpwLPmg&dbm_d=AKAmf-CrjimhuUpi-zTtbI5AQU9c0zvCkZnhTeCuhNMXCs3oGl36ZUSxvPU1X80etlG1-4-8xkEaiij3EdWiYO9AE-phnduVAx1C0OH9SVPaJg-8DgCkKyx0y7rxz3d7DhO3OK9oGUagmv1avHu0Nm5-Z4dgAgDEZWUmpg3d-HMqROGeiqOidESIl_ve2VWXcPk-zLYCJl3n4cklLGirE4ygpCV5QXygrXItyhUzctLyidW8LNS9bPtpHlEDWNwTdtnNMZPGhCtl5POi-TXsxbSVcRUNUplsQ3TLc6C9OhjQGVCcQawh8734M9zgk9QacYWCYYNU1rLoczpdiLvRL0v-mV0CZAILY7zh9ebB30-hgcRadQBST4s_IRAiJ-Qk2KKGsUtpbwD8JF9K8kB-CACipjq5M4qR1GFDBN0pRMFOejI7ezlCmiVqXFwT9MY3V9dK3TTxINN0VElIqcyYB4kcVXYQFlel-J1uJgcUXfolWfO8n3ve2zoeSZNcq8GReqKb3XUj7uWpFqK3huYwKjWnR3dLoCR2GTDYDzNCYCBBMwlOrSxtYVU-1qIWvRy8RED17JF7oyq3tygj9nKXXgcKJGcR5BEv7i9QTMh7buKskcljx1g4vnXVxqnjhh_-6BYaUftLOojo9btuUKZP_721eCx5YueOZEhAZ51ok2urbVPUJXnMaZqYe7t8YgOZW_XCHMMsUYtUUCFzzsQSSzz6QEzutT7vENicaENytjbdEvPZeZhwQO1F4BJiJk_H_eIxJPg3S1eCntPo_f2kzI2G_YihbmbL0wLsTjPA88219R5rhbb8xSFS-DPcNsQGwYFyLvvbpP0s92N_X_CTLnh0mK-H3OZfyDA0EABxPkPcYVFsaFME4tbiYImMmQVKIxdK1AjlFx-xLjdaUL861-tMbotjl_wXUQQntub1Hc0kt4QE5oJZUeztiSABgATIRcBf6FGFf-MWl7zl_SoKHx7ijqgjbVqc4zusF-yBIqR80WenWycPzAm92wEz8IPXco3Yzrd5BfRIQxa5JEqf8E6JGVaKeHY2XQrI6PWkcszY_ckrlcu1s-GsHtodM1hcLNqHpJU22mRYjioJm2QTla2vTN31bnZ2nWxPnTX3EnoSJRPRMlntowc5qW0Z1Vr3sZF1hIpvfpSqx8TefbZpARemUjKZRUe8lvhNoBdurx0Rnft5G1oVirdU8slT7MVmPzOiOnORrgEhK55q3Rf2WTmDKe4iOuvzSSnkH0RCl9YsYpWC7I6SID44g-_hj-tZQmJuF47Qdbgsz4PgxkypgX1ERnZa9aD7Q5S9xyokHBDImBBPl2JLm7FzeueW4IA25T12y8VJm1Arg6Lr6Sk9PtitMJMe4TyQczM1Uap573owdm2Jf_0ACXM0asAGcqvDvOnUSByI0gXhTDiuqi4x2UO1qtPuLPysq7gjhkuDfigmNZuXt4p_gEEYa_UBg0hmRQmxEV7cEAISRPaBsiQdWhPIz7-KVI7ExI_8wph7ZJsaJftxr1IYKi0kDhQoa_ANPsj_J-KlckQ2sEWEzFfstrvRB9dfR9CYNXgU8_a_xJkoPwUHczoHlL_NnzhAv3FhgQ1a6PIUFT3c4-GFjtizP_U6I4Cd1MxOiE0svy-mVzp93uiD5PxxZLW02_x-ebRQbEWBe6NGZYq1EE9h_JZkHwqtfy_EQVhTIdVFx36pOj8Ihb9mnxJYpDEGnU8ep_Dg2G85xOnS9gCE_ISlNZhv-b93MglQQBxfv3NRpZSwZiafJY7VRP_rbLyd71WsMnVlor6RTICppKqua0n7YzJkiiq75qTW1YteYKTgV5AGA5QqatA7JgnxxvCYNsTa9UEr1hOVx9Ry2Qq5He3OrF32iURzoLLnE2RXcKS1A-NMKYewjYzT7nLW2YUGgPI_KQRvO9XlDjUp97gipLIzkoS5ijIvVMIvzJMKwLb_AmG9wyVSDfob19Je-CUMuUsOV9RyO9TWoeAv1vCjDGGyaCdZ9yhkOKJ4aWcYHxrTLYVkxTc-3qgiQ0-xAS2OI-vuTUtaW-DK5AEtnoFN-JFW1FAGqU8ku6dcKsEYznNGAwoBhs2yFWBm41OJHesG4wj_Za0VeO-aqlirOdlvAHVL-dCj0XKLfV2B9lQRFJkbqoIHEVA3tDPb9BEWp7ygx7ZUrQHbJzpGuCt6GqVk8qgJqHDmvuA4BaxQJtURRGOPJpM1BAdS4Sxf2YU86L9nqa3eNq-0F3Ey0xbXPofA16bwRVh532dM4S6v4xO6iK-XmDAAl5RUll-YGZ4Sntt0tus7FEyVzCUKXzF7nRoIyj-3ARtZ1S9aGMPNe75Grnu3PN4tH8Lnu9yj3qnC_cx07-s9VPvOsa0iS-8NUip2c8CQE1YDhCsABeOyP-dcKXV2y0EtLEXDZgK42JTi8Sim8HImF2NxW0ASFpS0l-LG4xRqTQn9hTeeDpGmggJeelpTx54nUAbIjTBOdot14DNiseuqrUwkPv7qylk4FXcz5JSIvA_S_tx3hNXyVVmFqXv0dzVfJJlsJyrKmvoeCUmqnP1o454e255e2XF6n3LLd1R9FYj4a4JDN2hMP9WnNtmWgu9cPcvYbyIT69ij3-pkOxfFzYWUxQxWu68xkBRwRfQJdCcwDF7eOwi2K_h6nRPBbU90m7V19ttaZSaT-5hUN_c3oGiysLdsIQt5qP-Ew41C3D6-7_QaZJaTFtONqMv5Pwzn9HYZUMJlLsrxB6rnqZlQwgElaCeYJQeujLXHBtwRl7f784myAjPmzMW735OT8CUgyB3PpOvhJmlK6ErSylgiYJNuyNg_9umFh6U26x_JkT5Yr6pQxXU2vo5Rk5oNqPtWiyeCKoBq_f162IC4dt3NgVt4gVbzEgmMG9VNxiW1s2SOPc0XoJ7EujCpFgG6WsyerHQ5MnMfJHH3a5Ui2oqcpSN2JjwN33sV1nwV&cid=CAASEuRoKjy7ONv6k1Y9f1RuaybvNw&rfl=1%2Chttps%253A%252F%252Fwww.rt.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 15:34:44 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/elements/html/ Frame 5552 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 15:26:15 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5552 0
107 B 203ms
79ms Ping
image/gif 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssinnX7Q_6DB-TehMpxCgzgiUMR_978DfjgkV3J8KPh5ikYJlP5teXCVeQvEN-DOKNWJocOXJAcE6DHJYHFTk_cMnBwju_fKH8mlecCCA5bbavHFOqqWHpzJXzxNu5tecmEU1E8aKc-KimS3YYiyH5Qqno8pyOkVjsE25vpml_Zr6hiECGH6-B385jNkX1tyqyDKjyb-UVxDwUH7wLqiZVi7CQvbElgf5CqwV_f0OJCtKByORS3RW7XVcDMJ43_fZ6irbg2fuiGl9Ijr77Xc_ra0x02m3yw1kLgJ1Qon1DvzHmB9bCdRqUDVUpyP-d09D8_-iMMj1BC8rzUxerWx3LuZ7jKwdyso7d0_CzzXaK9b5V1_Lpkse0TL4esj1E1EOJJDrKI2HhMWnlojRKEsPQ-YRY2J_1Jz3bey6UJhu2MH7Fa_3aOUO1FSfdcYKOZXCqSROcTuVqACyEjvxdteP569SaYH2PKHgDXuga715LmeBLJA3OZFB4ZSy7HIQ2Gh2x347-kuIwsMkYLvhVVqfvjfhSEYJYsoscfEiOaGkp_MvL4tBLtCeSVMuw8OWI9eP8516lJ1AoY_rHJItNGtYxiDHPIJTFNEGhaiyGRs6n2kuwaIBcHGDqFUNkmyKVC0D7fdorVeF4OrwbAvsGRpkRHBzhYvv5cOo9s_6FUjwoGvUUsw5xibEEChg1ZHEo8C-h0tsNkQ8sZ8IuuOy4UPbsA1d1NvsEQc8Pexe3paVuNwSdUEx-H8WipGG8-4d06hiJUvZMO7Gutz_CeS-s5aUtw-VG_gCRT46sRqqxONNqMf65N4nERtv75Yc-mNbP9H5bVgeMolfVAdDq0yYnMIH0j38Ic7Tr9wrwMm26tAekBGVokcdoqa6Oeg-1O7l7dlvimkLup0296pod7-gV0pTZqpl82wiBEmJuC60PDLu4eZ7kJL6BuKXnaZh87NEaCcEHD22VwaegIl3EsjYJjDDNafz-3B5MYUlnKEjo60gtdDNz8HB625aS9EFeaDvZMF8B7Cc6faVpMPWrR6YsiVG8Xn2XTXG6XAoITXdB-yKUrPGeHRhJuQ7R3rTYlCbakJuKqcgVJCv7yxYC9UAFqnqDACX_DwEltSe42hhNRvDOkEFlNC03B2gyT3IyLgP73pj0tCZOZFmxAEOqRxxWWuq-TRxtxvaaE&sai=AMfl-YRtDhdkAuTbUj5pQUf3Tl95llzLDdP99ZoXkOTF04GdtS1cwE0IWCFO7hCKwoB5OcSV3K-OrsiT6d9YnwiRDYInttpCScqZ7sK8sZwY9rA3YajjEo4fOUKRd_mKfE7hnOoH9B67N5nCmemUyLkS4Yqb7-Hmlg&sig=Cg0ArKJSzLYOlNJqeTJTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210805.46232&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN (),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 10 Aug 2021 15:36:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5552 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 12:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 12:17:42 GMT

GET
H3-29 200 kse_b2g_loot_q221_ext_300x250.jpg
s0.2mdn.net/4746336/ Frame 5552 84 KB
85 KB 17ms
13ms Image
image/jpeg 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4746336/kse_b2g_loot_q221_ext_300x250.jpg

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c741c67d913bf015fbd4913bf31d68c514a6c51bf9a7f6e6bc138295f5bb838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:24:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Jul 2021 14:21:06 GMT
server: sffe
age: 4323
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86523
x-xss-protection: 0
expires: Wed, 11 Aug 2021 14:24:21 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 406ms
130ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Aug 2021 15:36:24 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0430 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 10 Aug 2021 11:56:19 GMT
expires: Wed, 11 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 13205
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5552 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f1675c14e276d61e6fc81c1f1ba0f57cace1af9ad3d40cc1b18c0d7fe8a6089

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A9FA 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 10 Aug 2021 12:34:29 GMT
expires: Wed, 10 Aug 2022 12:34:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5552 0
545 B 136ms
72ms Ping
image/gif 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN (),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 15:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET /
google2waycm.netmng.com/cm/ Frame 0430 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0430
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI...

43 B
417 B

191ms
184ms

Image
image/gif

2606:4700::6812:c05

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67ca4cb2094196fe-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 368
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67ca4cb0c89996fe-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDoUbFcnW3-4OSG4ysgPVtk&google_cver=1&google_push=AYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLDK0BHI3Iogp0mN0v-9Zg1XyWQrxBYxfiW50UUJE8k68NUfd6HuzW52yYHlB5Dd-KVIdW8VOI5Zcba_hI6Dlcl2cQLOdI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0430 0
191 B 199ms
67ms Image
text/plain 66.155.71.149

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP0nzdWW5YoXGhXksX0GVqw&google_cver=1&google_push=AYg5qPI-Wj0_8gCF_YKmGtZc4oLCLYtiE0oIxvsO45ig2hbrCK9G9gHKwHaRdLxUL_wudyL6MT1R-0Vyh7OX_S4FWvZesttGfTS_
Requested by: Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0430
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDFD3fyFl_QDuub8FM9UDHU&google_cver=1&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6G...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDgyNTc2MDI0MzUxMzQ4NQ%3D%3D&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6GqbvV...

170 B
188 B

73ms
71ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDgyNTc2MDI0MzUxMzQ4NQ%3D%3D&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6GqbvVdB6NDHR6Q1

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDgyNTc2MDI0MzUxMzQ4NQ%3D%3D&google_push=AYg5qPLdSbZkwrKJtZrAsSzVRKbBvxKDjuoMtOp95SalsqNhh3Swq-qy5ue3HB5zxNnSTSBMEFSSBeRDnAgY6GqbvVdB6NDHR6Q1
Date: Tue, 10 Aug 2021 15:36:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0430
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENLaCDSozNNFskAUHPaXm6c&google_cver=1&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_Xm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUzNTg3ODU0MjkwNDA3ODc5Mg&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_...

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUzNTg3ODU0MjkwNDA3ODc5Mg&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_Xms5jiPiHbL86iQAR_aow

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjUzNTg3ODU0MjkwNDA3ODc5Mg&google_push=AYg5qPK8U4n6Nv8yEAkMZiLge0x-EfoMqWOcoGTioNG2uUHhS6bsOtjTxWr92nb7nF1gt-7U66VHh_Xms5jiPiHbL86iQAR_aow
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0430
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOtRzZTPtQVsDfw3ikdg8Zg&google_cver=1&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M2ODdTOUQtMVItTTFMNA==&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c8SKNUgrWwh5a6dikXynQZlnny

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M2ODdTOUQtMVItTTFMNA==&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c8SKNUgrWwh5a6dikXynQZlnny

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M2ODdTOUQtMVItTTFMNA==&google_push=AYg5qPJ7RMWcms9SoYV6LG4s4Y5Au26XJXNjSPL655iIYHcUHKwmZRbX6BQdtUbnSdypjTMEl4c8SKNUgrWwh5a6dikXynQZlnny
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0430
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGxYZ0OgZS-q_10vn_91Lqc&google_cver=1&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk0Njk1MDM1MzUxNDg0ODI3Ng%3D%3D&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpH...

170 B
188 B

71ms
71ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk0Njk1MDM1MzUxNDg0ODI3Ng%3D%3D&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk0Njk1MDM1MzUxNDg0ODI3Ng%3D%3D&google_push=AYg5qPLMYWoWqqdNWxxg2N2eUEEBm4H4rXEVEPyk_BkNkHgMOvyQv7HGrCpHGO4q5njXlZ_sQ4GppfzQ5imLrdcE2YV-yVzbBzeT
date: Tue, 10 Aug 2021 15:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0430 0
12 B 68ms
68ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmmALg0XycQoUiqAgwy8HtVYCyxqYV-fUJ3_M51nDU062vnOah7LKloaHlsfwU8EnV5DhD

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js Show response
pagead2.googlesyndication.com/bg/ Frame A9FA 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 481776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:46:48 GMT

GET
H2 200 userx.20210810-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 58ms
58ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210810-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rt-rtcom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 039b97e4bfe2db8f9edce5f00abd74d9993022a284efbf38eda37741b944910e

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tR8jqKu0iblKLCmXcOaWM.bBw_b05yo4
content-encoding: gzip
etag: "b5deb87adf8c565b58ae38a58ddb3fb6"
age: 14081
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5341
x-amz-id-2: utCQpv42uSiDxa0pwGEV3Wg77zsKLhjtL5w7ukefbXKC0jg0DHpqmF+H/RPBdFfYfwdlkARAH9c=
x-served-by: cache-fra19172-FRA
last-modified: Tue, 10 Aug 2021 11:41:37 GMT
server: AmazonS3
x-timer: S1628609785.550633,VS0,VE0
date: Tue, 10 Aug 2021 15:36:24 GMT
vary: Accept-Encoding
x-amz-request-id: FXP5YV4ABPTAQJTT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 52
x-cache-hits: 18204

GET
H2 200 18_twn.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/hivemedia-images/creatives/twn/ 16 KB
16 KB 65ms
63ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/hivemedia-images/creatives/twn/18_twn.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b8e10724225c3edb03bb7a23c80581a762a52316f817f28b5fa9a09526d31e3

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 1741829
edge-cache-tag: 565326265650694087913257113618666935456,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 118
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/hivemedia-images/creatives/twn/18_twn.jpg
content-length: 15896
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 30 Jun 2021 23:46:43 GMT
server: nginx
x-timer: S1628609785.586152,VS0,VE1
etag: "1a68202267f9aaeabaa11a46c51cafbb"
x-served-by: cache-wdc5581-WDC, cache-dca17757-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 62ms
60ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2595202
edge-cache-tag: 322089413535885002890087190934422546620,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 128
expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length: 14134
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Mon, 28 Jun 2021 18:04:08 GMT
server: nginx
x-timer: S1628609785.585858,VS0,VE1
etag: "e400b1487d8ac6c17f5173f9033ecf12"
x-served-by: cache-wdc5552-WDC, cache-dca17779-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 79ms
77ms XHR
text/html 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 242518bfeedd5cb48b159034afb9b8af9855d4554918b3b43652b43169bab9a4

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
content-encoding: gzip
access-control-allow-origin: https://www.rt.com
machineid: 1447
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19172-FRA
pragma: no-cache
server: nginx
x-timer: S1628609785.586980,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cabaa59558fa77d7a212f522383b1682.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 68ms
67ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 107d5370a6c9dec71176ad9ef4f8446b37244afb16ca9b5594465068eae2c47d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 1668287
edge-cache-tag: 343851889384258460902099353140354606138,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 44
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
content-length: 13808
x-request-id: 7f0f8f6e3494124ebc024e085477a0da
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 28 Jun 2021 10:30:07 GMT
server: nginx
x-timer: S1628609785.586301,VS0,VE1
etag: "7b1091452f3d005e17b57ecc4c1e9b25"
x-served-by: cache-wdc5548-WDC, cache-dca17778-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 8c214bd72fbff49fafd553e2c6d33076.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 65ms
65ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c214bd72fbff49fafd553e2c6d33076.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 274cd2cbfcb7f9476d481453d726c6802d06b3251d2426e1a2e56ab6c36d8516

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 594866
edge-cache-tag: 615207047820542085543737278533944836122,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 599
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c214bd72fbff49fafd553e2c6d33076.jpg
content-length: 13484
x-request-id: bc56291484ee3981c36fb6d6a78b4dca
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 29 Jul 2021 15:20:53 GMT
server: nginx
x-timer: S1628609785.586474,VS0,VE1
etag: "1ef4a767dbc75e405d2c45648bab777a"
x-served-by: cache-wdc5556-WDC, cache-dca17730-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 6b8db19f7f05eb271675c3f76f2efc6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 61ms
61ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b8db19f7f05eb271675c3f76f2efc6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d6adc7cf8bc9027ebe6b5434a0b1420b9926a09835c0d5645d9d2257dd550e2c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 538011
edge-cache-tag: 310123829435760231267553375806623080014,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 426
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b8db19f7f05eb271675c3f76f2efc6f.jpg
content-length: 10784
x-request-id: 049c39eef989a371749bd3f7c3d5cfd4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 15 Jul 2021 05:22:49 GMT
server: nginx
x-timer: S1628609785.648256,VS0,VE1
etag: "d1c7f71bc33c82f41b215b466721c5d0"
x-served-by: cache-wdc5577-WDC, cache-dca17738-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 2548bf6d6ff14313daa936a58f96f227.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 63ms
62ms Image
image/webp 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2548bf6d6ff14313daa936a58f96f227.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 07885aebbfe566d1d8cb891f5dcce784aaf84dd28b07b89927e3452ec3bd6817

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2522431
edge-cache-tag: 386926675769270356370907382436491624951,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 32
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2548bf6d6ff14313daa936a58f96f227.jpg
content-length: 7638
x-request-id: a006d48f5f586bb4e9a479050be2ae1e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sun, 27 Jun 2021 07:07:15 GMT
server: nginx
x-timer: S1628609785.650801,VS0,VE3
etag: "698f1cba6543a4bdfe42daed34e83799"
x-served-by: cache-wdc5571-WDC, cache-dca17776-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2595202
edge-cache-tag: 322089413535885002890087190934422546620,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 128
expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length: 14134
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Mon, 28 Jun 2021 18:04:08 GMT
server: nginx
x-timer: S1628609785.656308,VS0,VE0
etag: "e400b1487d8ac6c17f5173f9033ecf12"
x-served-by: cache-wdc5552-WDC, cache-dca17779-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 74ms
71ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age: 3754416
x-amz-meta-mtime: 1580720676
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-fra19172-FRA
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1628609785.679148,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
x-cache-hits: 1197152

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/hivemedia-images/creatives/twn/18_twn.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b8e10724225c3edb03bb7a23c80581a762a52316f817f28b5fa9a09526d31e3

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 1741829
edge-cache-tag: 565326265650694087913257113618666935456,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 118
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/hivemedia-images/creatives/twn/18_twn.jpg
content-length: 15896
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 30 Jun 2021 23:46:43 GMT
server: nginx
x-timer: S1628609785.679130,VS0,VE0
etag: "1a68202267f9aaeabaa11a46c51cafbb"
x-served-by: cache-wdc5581-WDC, cache-dca17757-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 107d5370a6c9dec71176ad9ef4f8446b37244afb16ca9b5594465068eae2c47d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 1668287
edge-cache-tag: 343851889384258460902099353140354606138,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 44
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
content-length: 13808
x-request-id: 7f0f8f6e3494124ebc024e085477a0da
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 28 Jun 2021 10:30:07 GMT
server: nginx
x-timer: S1628609785.694290,VS0,VE0
etag: "7b1091452f3d005e17b57ecc4c1e9b25"
x-served-by: cache-wdc5548-WDC, cache-dca17778-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c214bd72fbff49fafd553e2c6d33076.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 274cd2cbfcb7f9476d481453d726c6802d06b3251d2426e1a2e56ab6c36d8516

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 594866
edge-cache-tag: 615207047820542085543737278533944836122,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 599
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c214bd72fbff49fafd553e2c6d33076.jpg
content-length: 13484
x-request-id: bc56291484ee3981c36fb6d6a78b4dca
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 29 Jul 2021 15:20:53 GMT
server: nginx
x-timer: S1628609785.709778,VS0,VE0
etag: "1ef4a767dbc75e405d2c45648bab777a"
x-served-by: cache-wdc5556-WDC, cache-dca17730-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9FA 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAAAW-JwSYdGjE5v13wOuy5BYAAAAADgB4AQC&bg=!0NOl05fNAAbOj6irzo87ACkAdvg8WsrGV-udET1Mq_X6j1eTPSiQ2qypIikievrJ9RtKKqpO2KpMmgIAAADAUgAAAAxoAQcKAMzNOWDRZ_NF4qz2a6IAWz_syHR4R1yI1iX-3XKuejPRsu0FdZXXX34SPTi2t9czKAOEQLcQkpOjKWrFifr5DVi0n82cip4SyrIigfUyOz6_Uro3aEAf4YGiLuuaH_OM_jEtuVnoR052xR5UcUeuzhONcNt-BnSFdhF8igOHwbPNdN6Ebd8uJaX4lpdBpzU7UrRybEBIxwg79claOjv9aMw14A6QXF5LCxRHUoW4wNE0PIC-slwIh3JE7WvUMNAVKweleGGr68dgTspQi1CZAsSYMamsCw4qosP0wm8rJ5JGTkI9hmivJ6uPuusBhp-aM9SYBd9fLYKvNu4g9mrDokQMn2yvnmQQX8Vh1PWdT-jDXPgXiZtEzOfcV2sSH-x7k5R4EfS8QS9CpjtQIeJavIZPg7PqYqmd2g0APW-SY1t_lUDzyIXysca3D7YYGpwpg545LsiefslW27P583lLWSrD4K02-m8-wo4qrdBM9nkYtfDeqMebiBI3JnUs95WuJvwxQz8u0pAxi6dQ3JWzQpUoLpJXUuhqSN5YdhMtc87pX377MnjVbGPYleBvxTe3qy_Flyy19KmmENekn67zpHPPwhCe2seQ8eoI6wqV-ZPowpm4R3ZHEqs7Mo8Ao9CCtNru93wPXt-dcqubFR1RtUyjFpD_BjKHalya41M12y1vXiRk0C2U-i07OUDncvdRBrrjlhfxs8DuMdLbIOAv3m-vfm4BRZSHxBl1xA6OuIrNhnVF6bWdMizjaiyy-yuoRsZA25_cS_1oDsOxQuBgSxK4DKm6kNR4FX6l25EhIZCJYkkIqFN7RbYBztY-TZEQJaoEELx695Dsw0czE-RDnVXm881S0Efo12rskXvysM9NS6Kz1YFA9K6Yl7UkjvlKxNH-XNEKNgJ_OzZGPHFY_jWqgjA637TgUSPxCnmL1AMslGkvFqBs_HzOuoUt2BIAnTw5uHDhtvDl1Yb5GfKPGKgqv4JvrVYm5yGYxmagJ40HT5koluDyhiJz6Glle2YpnJ_Fc8kgiG_NkqjnlOf0Alz5KjLz6uNnj2fF0BR-aBFjD-Wbf1IpT3T1-gkS5AlxhDiJ83B_ZxGU_yKW6MLqeV-zZjNZOcK94kWm85JsmJvunz4vhx0L-4mymXn2ewzXYc_Qq3Dy5yKq6ElDuyY-yEtrw-GfpJ6gaZvRPGz5a6gVm8pzgP3buYZuQFPUJ5Jr0LMztC0

Requested by

Host: 459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
URL: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b8db19f7f05eb271675c3f76f2efc6f.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d6adc7cf8bc9027ebe6b5434a0b1420b9926a09835c0d5645d9d2257dd550e2c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 538011
edge-cache-tag: 310123829435760231267553375806623080014,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 426
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b8db19f7f05eb271675c3f76f2efc6f.jpg
content-length: 10784
x-request-id: 049c39eef989a371749bd3f7c3d5cfd4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 15 Jul 2021 05:22:49 GMT
server: nginx
x-timer: S1628609785.722418,VS0,VE0
etag: "d1c7f71bc33c82f41b215b466721c5d0"
x-served-by: cache-wdc5577-WDC, cache-dca17738-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2548bf6d6ff14313daa936a58f96f227.jpg
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 07885aebbfe566d1d8cb891f5dcce784aaf84dd28b07b89927e3452ec3bd6817

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2522431
edge-cache-tag: 386926675769270356370907382436491624951,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 32
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2548bf6d6ff14313daa936a58f96f227.jpg
content-length: 7638
x-request-id: a006d48f5f586bb4e9a479050be2ae1e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sun, 27 Jun 2021 07:07:15 GMT
server: nginx
x-timer: S1628609785.722635,VS0,VE0
etag: "698f1cba6543a4bdfe42daed34e83799"
x-served-by: cache-wdc5571-WDC, cache-dca17776-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 4EBD 0
67 B 82ms
80ms Document
text/plain 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6838976ADE40840782757999234&cicmp=1337627&cijs=1&dast=V7N4cCFgMXCHoGg06f_QQXCHoGg06f_QUAAAAGBugHGzbcDJe72YLEIg2Go8FuuFgMJ5PlaDNZTMFgC5_T3d2GCTSdDp_rXq_7_e6S013jd_vlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4B4MxRUF6X5e8PAICHAhAAAAEMEgCBxMISAIe7xRMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgIshtnVq8BHSU1SigtMiRgAAAABWamcKR5M6obKo-v___7cCuAIACNiDqV25yLo5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQm0euGlBjlHsajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAZ7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD8BXA5wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDREmVjabZ7KxrRU2m2MtWs1MbuFwYlurnIvNaDgyLFfLwVr0-piOg41lshvusQFnc8VgNlcMNnPFYJUAAAAAAAAAAJYwZd4EAAAA4DSI2Wyy26248WbPBLFWq2UNAAAAwK0bOQ!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=6838976ADE40840782757999234&cicmp=1337627&cijs=1&dast=V7N4cCFgMXCHoGg06f_QQXCHoGg06f_QUAAAAGBugHGzbcDJe72YLEIg2Go8FuuFgMJ5PlaDNZTMFgC5_T3d2GCTSdDp_rXq_7_e6S013jd_vlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4B4MxRUF6X5e8PAICHAhAAAAEMEgCBxMISAIe7xRMAAICDOpmnbZb_____GIC89yYZAIq0jRuDHoAHH4AHIQAAgIshtnVq8BHSU1SigtMiRgAAAABWamcKR5M6obKo-v___7cCuAIACNiDqV25yLo5KWYNAwAAABhboIfF7zc77Bq_22X__________2b_ZwBoQm0euGlBjlHsajwj1wprv4AAAGzvBgDwJgAXcwB2AAAAAHf_____eQAAAAZ7lGyv1Xj2KOt9Blv4nO7u-k3YYrSaTDbL4Wy5mAyGo-FotD8BXA5wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDREmVjabZ7KxrRU2m2MtWs1MbuFwYlurnIvNaDgyLFfLwVr0-piOg41lshvusQFnc8VgNlcMNnPFYJUAAAAAAAAAAJYwZd4EAAAA4DSI2Wyy26248WbPBLFWq2UNAAAAwK0bOQ!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=1eff32c6-aff1-45fd-88b6-e91348d09590-tuct80c2278
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rt.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628609785.753800,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
132 KB 61ms
60ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
age: 227654
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697428
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135037
x-amz-id-2: 5ZEK05RyjWXa97qptTPBSENaZ0pc6jcL83hmVOcr2fb6bBsVEaYB8SNmG5+2XhxOHKu5gLWx8+c=
x-served-by: cache-fra19172-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:50 GMT
server: AmazonS3-br
x-timer: S1628609785.752659,VS0,VE0
etag: "37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: Z5B1SHCEPKEDXX46
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 6057

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
7 KB 75ms
74ms Stylesheet
text/css 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 varnish
age: 229227
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697397
x-amz-meta-mode: 33188
content-encoding: br
content-length: 6493
x-amz-id-2: 2yWZZvT6gWp6l0uX9pHoFWIk2Hv8VbMXoRsq99K3IClzKkG/QKZ3jaeaCwqUOso5plrCYiz2g4g=
x-served-by: cache-fra19172-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:19 GMT
server: AmazonS3-br
x-timer: S1628609785.752840,VS0,VE0
etag: "083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 7VRTW61VG1AQ808K
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 26499

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 59ms
59ms Script
application/javascript 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:24 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront), 1.1 varnish
age: 2269163
x-amz-meta-mtime: 1542789750
x-cache: Miss from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-fra19172-FRA
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1628609785.904867,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: oi7QB5C8BA-557rR6kkZ3x1Oul_9ZzX57MiZnxZZQZZUyJL57XdM5A==
x-cache-hits: 460480

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 147ms
146ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 107d5370a6c9dec71176ad9ef4f8446b37244afb16ca9b5594465068eae2c47d

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 10 Aug 2021 15:36:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 1668287
edge-cache-tag: 343851889384258460902099353140354606138,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 44
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cabaa59558fa77d7a212f522383b1682.jpg
content-length: 13808
x-request-id: 7f0f8f6e3494124ebc024e085477a0da
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 28 Jun 2021 10:30:07 GMT
server: nginx
x-timer: S1628609785.012637,VS0,VE0
etag: "7b1091452f3d005e17b57ecc4c1e9b25"
x-served-by: cache-wdc5548-WDC, cache-dca17778-DCA, cache-fra19172-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
BLOB 206
Partial Content 0f6d4cfb-ea38-42ab-b14c-2b544d98e74c
https://www.rt.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rt.com/0f6d4cfb-ea38-42ab-b14c-2b544d98e74c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 133fc613-f6be-450f-b7aa-585a4e9a6a52
https://www.rt.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rt.com/133fc613-f6be-450f-b7aa-585a4e9a6a52
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 nq63vget2wb4el73kmyb.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1606481947/ 301 KB
301 KB 160ms
159ms Media
video/mp4 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1606481947/nq63vget2wb4el73kmyb.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77b3bf5f5d3dc853e29245065f8d05121e19b37fcf049d8746c96650aad6795e

Request headers

Referer: https://www.rt.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: J8DdFrNqpRX.8TUfkfX2fckk.IV6F_Yp
via: 1.1 varnish
etag: "9cef83eb3db7d4d7d60a78923c9257fa"
age: 0
x-cache: MISS
Content-Range: bytes 0-307985/307986
x-amz-replication-status: COMPLETED
Content-Length: 307986
x-amz-id-2: 68CbcrdJevpm2ES/37PER/mfh6ese8Ls7npQptetqtpj8SR5wE1DeKI0lOdfpfwa+M9W3xSW1V8=
x-served-by: cache-fra19172-FRA
last-modified: Fri, 27 Nov 2020 12:59:12 GMT
server: AmazonS3
x-timer: S1628609785.020786,VS0,VE99
date: Tue, 10 Aug 2021 15:36:25 GMT
x-amz-request-id: W5GNW2MYMKF9RCHA
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 35
x-cache-hits: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA93 42 B
64 B 70ms
70ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuujoZPAso4YIPSqUFAOMLguVsL9Hdj6kLDSTLYzbqwuEfW_MssRNougfxzVo9SM8snsP4SibVExrZcD9uGlPOZf9Zny1ZprUajSjuvzgD6a3y0VEBV&sig=Cg0ArKJSzApFzOA5z5HpEAE&id=lidar2&mcvt=1027&p=152,180,242,1420&asp=152,180,242,1420&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20210809&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1624839184&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628609783851&rpt=101&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 jsapi Show response
mixi.media/newdata/ 27 B
1 KB 159ms
159ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=viewability&payload=CAESMwjg_JQFGPvOBSAuMiQyYWU2MzA2Mi1hZTlkLTRiYTEtOTYwYy0zYTg2MTA5MjY4YWM4ARIzCOH8lAUY-84FIC4yJDJhZTYzMDYyLWFlOWQtNGJhMS05NjBjLTNhODYxMDkyNjhhYzgB
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 6112cddb910e088b93080c33f381f4be23bfeefbb49e831cb994392187b7e299

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 15:36:25 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 10-Aug-2021 15:36:25 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
X-Node: sser7

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 75ms
75ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d88f506ca05b17dc2be1ba3751bbfbf2359483ddd2020ca3b94d236ec4fbef6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 334 of 1000 / last-modified: 1628593816"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25143
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:25 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e9370507aafca78515f47d855cb4f397fde7dcf8e8f2e6c01adc471f113c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 708 of 1000 / last-modified: 1628593736"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25142
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:36:25 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5552 42 B
64 B 76ms
75ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR_DRo6bNee1wnJcYZZjuZvzc6VNg_jm9DP_gptKoWLoI7IAazPMNroePw65R_J-6kXC_p6USiEZNdZG68z2BHb7-NGWAwLZF1QM6Xu9Z5MKokQyx9tvOal4RWeQ&sai=AMfl-YRzlpVUEh8pUpu-U0qW4de5q9iYfCn9HP4WrT77NL3Ns7HRn0yIFA4sxXyViVaLqMJMYpFajs3xTOAGoH9zJu3IZGt-ADGaQHfD3xOAXSSgUruY7b0geEBZ5aqH&sig=Cg0ArKJSzBCdSDsiRhdqEAE&cid=CAASEuRoKjy7ONv6k1Y9f1RuaybvNw&id=lidar2&mcvt=1000&p=305,1077,559,1377&asp=305,1077,559,1377&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3698597948&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628609784275&dlt=22&rpt=141&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 15:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/rt-rtcom/log/3/ 0
252 B 127ms
126ms XHR
image/gif 151.101.13.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/rt-rtcom/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Tue, 10 Aug 2021 15:36:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628609786.583482,VS0,VE68
x-served-by: cache-fra19172-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.rt.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
643 B 63ms
63ms Image
image/png 151.101.13.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 28721
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19172-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1628609786.622565,VS0,VE0
date: Tue, 10 Aug 2021 15:36:25 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 35
x-cache-hits: 31684

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 148ms
148ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 309 B
295 B 31ms
31ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/playlist.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:27 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 18:44:49 GMT
age: 1698671
etag: "8a966507b13615ecdc1330a4bc9dcfe1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 0.m3u8 Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 1 KB
499 B 31ms
31ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.m3u8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a433782be5af67244d1751bf65276ce6390e359daf9f957bd37d9f12e9ca68a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 15:36:27 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 18:44:48 GMT
age: 486585
etag: "4f3dfbb5a2646e073085e75afcf159a1"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 407

OPTIONS
H2 200 0.mp4
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 0
0 31ms
31ms Preflight 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.rt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Tue, 10 Aug 2021 15:36:28 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 1 KB
1 KB 31ms
31ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 638268027374998c4be2b8998270b59a7b8b3020af2e07a0333f984a464721a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-1328

Response headers

date: Tue, 10 Aug 2021 15:36:28 GMT
last-modified: Mon, 07 Jun 2021 18:44:48 GMT
age: 2293478
etag: "21a6b9772c104c39c3237c04a0ce8b00"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1328/11764662
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1329

GET
H2 206 0.mp4 Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 520 KB
520 KB 31ms
31ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: db76deba860a5b232f1a6dbb2dd000aa0a670bb63f9dc9283b5a06122822f172

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1329-533634

Response headers

date: Tue, 10 Aug 2021 15:36:28 GMT
last-modified: Mon, 07 Jun 2021 18:44:48 GMT
age: 2293478
etag: "21a6b9772c104c39c3237c04a0ce8b00"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1329-533634/11764662
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 532306

OPTIONS
H2 200 0.mp4
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 0
0 31ms
31ms Preflight 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.rt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Tue, 10 Aug 2021 15:36:28 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

OPTIONS
H2 200 0.mp4
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 0
0 31ms
31ms Preflight 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.rt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
access-control-allow-methods: *
access-control-allow-headers: range
accept-ranges: bytes
date: Tue, 10 Aug 2021 15:36:28 GMT
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
access-control-allow-origin: *
content-length: 0

GET
H2 206 0.mp4 Show response
vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/ Frame 83E1 558 KB
559 KB 32ms
31ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/c3c198ee-f3d8-4278-8d87-65aaf3fcd12e/0.mp4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 859993273dc305e1ae006d17929e97f0125f64d2a78c3d6ffe4b55d33f29f142

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=533635-1105304

Response headers

date: Tue, 10 Aug 2021 15:36:28 GMT
last-modified: Mon, 07 Jun 2021 18:44:48 GMT
age: 2293478
etag: "21a6b9772c104c39c3237c04a0ce8b00"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 533635-1105304/11764662
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 571670

GET
H2 200 video_info Show response
context.iris.tv/ 234 B
578 B 213ms
62ms XHR
application/json 13.32.22.75

General

Check archive.org

Show headers Download Go to

Full URL: https://context.iris.tv/video_info?access_token=b439b1dba684dd546a773ff4132f7ad4201e794f9825514c577bed254ec131b9&client_token=0EMNO1LMPKY33QR&platform_id=c3c198ee-f3d8-4278-8d87-65aaf3fcd12e
Requested by: Host: www.rt.com
URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.75 , United States, ASN (),
Reverse DNS: server-13-32-22-75.fra56.r.cloudfront.net
Software: Zer01ne /
Resource Hash: cb6600669772087709a4a4202ede1cc8852480fc38ae81914d548c0017b1b326

Request headers

Referer: https://www.rt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 14:55:43 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server: Zer01ne
age: 2445
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop: FRA56-C2
x-robots-tag: noindex, follow
x-amz-cf-id: DPzj85-Ub-hk4kSNFmCf34lHzlHlG5v9UA93QZPDy9OlHrh0aFkTUQ==

POST
H2 200 me Show response
l9bjkkhaycw6f8f4.soundcloud.com/ Frame 36E7 0
292 B 240ms
98ms XHR
application/json 54.192.216.62

General

Check archive.org

Show headers Download Go to

Full URL

https://l9bjkkhaycw6f8f4.soundcloud.com/me

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.216.62 , United States, ASN (),

Reverse DNS

server-54-192-216-62.mrs52.r.cloudfront.net

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 10 Aug 2021 15:36:28 GMT
via: 1.1 1b866e6eb5f6e3ef570f3588da8a7b3a.cloudfront.net (CloudFront)
server: am/2
x-amz-cf-pop: MRS52-P2
strict-transport-security: max-age=63072000
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: _Z0o08Fn7XjozbvGem5Cayd-2TT2FAG_SKZ_uIJddCEu_xbB_8V-BQ==

POST
H2 200 me Show response
l9bjkkhaycw6f8f4.soundcloud.com/ Frame D814 0
292 B 222ms
98ms XHR
application/json 54.192.216.62

General

Check archive.org

Show headers Download Go to

Full URL

https://l9bjkkhaycw6f8f4.soundcloud.com/me

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-945f28c53669.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.216.62 , United States, ASN (),

Reverse DNS

server-54-192-216-62.mrs52.r.cloudfront.net

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 10 Aug 2021 15:36:28 GMT
via: 1.1 1b866e6eb5f6e3ef570f3588da8a7b3a.cloudfront.net (CloudFront)
server: am/2
x-amz-cf-pop: MRS52-P2
strict-transport-security: max-age=63072000
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: wAV92k9MT-La6EFmTWQCR3xSO6l3KCoxhiT7eMxO5sq9SyOPsH516g==

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 147ms
146ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 83E1 0
291 B 147ms
146ms XHR
multipart/form-data 18.224.231.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=126004
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.231.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-231-234.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 10 Aug 2021 15:36:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rt.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESED8QLJLefN-GeE3x97Lwh-o&google_cver=1&google_push=AYg5qPIGEPj3gx1lucTLsWdbKL3aXNr-58k17wRyzhwPmhwTl7YaEV8gw7Qr-0lIDNH8vqiOpaI35AepIu96vNUXhGSVBHX57VfH

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rt.com/	1970-01-20 05:09:05	Name: trc_cookie_storage Value: rt-rtcom%253Asession-data%3Dv2_deb38483c69e7a17717d85c6cd92733e_8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276_1628609782_1628609782_CNawjgYQwus9GKnC1IWzLyABKAEwvwE4krUNQKidEEie4tgDUN_zLVgAYABosa_ptcr9986tAXAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522rt-rtcom%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D8f764b90-a198-4a47-aafc-e245cddcdaa7-tuct80c2276
.rt.com/	1970-01-20 13:54:41	Name: _ga Value: GA1.1.869823800.1628609782
www.rt.com/	1970-01-19 20:23:30	Name: OX_sd Value: 1
.rt.com/	1970-01-19 20:23:29	Name: _gat Value: 1
.rt.com/	1970-01-20 13:54:41	Name: _ga_07ZGQT7GK0 Value: GS1.1.1628609781.1.0.1628609781.0
.rt.com/	1970-01-19 20:24:56	Name: _gid Value: GA1.2.257733066.1628609782

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 63) Message: Notification not supported
console-api	warning	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 74) Message: This browser does not support desktop notification.
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 75) Message: Is HTTPS true
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 76) Message: Support Notification false
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 77) Message: Support ServiceWorker true
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 78) Message: Support LocalStorage true
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 79) Message: Support fetch true
console-api	log	URL: https://cdnen.rt.com/static/js/pushes/notification.js?v=3(Line 80) Message: Support postMessage true
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 1851) Message: Service Worker Registered
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 1356) Message: [object Object]
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 1380) Message: [object Object]
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210810-9-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - rbox-tracking
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 578) Message: EN_BILLBOARD_CONFIG
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 584) Message: EN_SIDEBANNER_1_CONFIG
console-api	log	URL: https://www.rt.com/business/516638-gamestop-short-sellers-losses/(Line 590) Message: EN_SIDEBANNER_2_CONFIG
console-api	log	URL: https://widget.sndcdn.com/widget-9-945f28c53669.js(Line 56) Message: SoundCloud Embed Player (api-web)
console-api	log	URL: https://widget.sndcdn.com/widget-9-945f28c53669.js(Line 56) Message: SoundCloud Embed Player (api-web)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
459b82b98341592299f847b2f965cf03.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
adservice.google.se
api-widget.soundcloud.com
beacon.tru.am
bh.contextweb.com
c1.adform.net
c3.taboola.com
capi.connatix.com
cd.connatix.com
cdn.taboola.com
cdnen.rt.com
cdni.rt.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
context.iris.tv
counter.yadro.ru
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
event.clientgear.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.sndcdn.com
ib.adnxs.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
img.connatix.com
imprammp.taboola.com
jadserve.postrelease.com
l9bjkkhaycw6f8f4.soundcloud.com
match.adsrvr.org
match.taboola.com
mc.yandex.ru
mixi.media
nbc.rt.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pubads.g.doubleclick.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
ruptly-d.openx.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
socialstat.rt.com
stat.media
static.mixi.media
static1.mixi.media
static3.mixi.media
static4.mixi.media
static5.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
sync-t1.taboola.com
sync.mathtag.com
sync.taboola.com
target.mixi.media
tpc.googlesyndication.com
trc.taboola.com
tru.am
u.openx.net
unpkg.com
us-u.openx.net
vid.connatix.com
vidstat.taboola.com
w.soundcloud.com
wave.sndcdn.com
widget.perfectmarket.com
widget.sndcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.rt.com
www.tns-counter.ru
x.bidswitch.net
google2waycm.netmng.com
pixel.tapad.com
13.224.92.56
13.224.96.37
13.224.96.76
13.248.242.197
13.248.245.213
13.32.22.75
136.243.217.162
136.243.42.249
141.226.224.32
141.226.228.48
142.250.186.130
142.250.186.34
142.250.186.98
151.101.13.181
151.101.13.44
151.101.2.137
151.101.66.137
178.250.2.151
18.195.155.181
18.195.66.88
18.224.231.234
185.106.33.48
185.29.135.226
185.33.221.13
185.64.189.110
185.79.236.168
185.86.139.89
198.148.27.140
2.18.234.21
2001:6d0:4001::226
216.52.2.39
2604:9a00:2100:a017::179
2606:4700:20::681a:274
2606:4700::6810:7caf
2606:4700::6812:c05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9c
2a00:1450:400f:807::2002
2a02:6b8::1:119
2a03:90c0:41:2801::254
2a04:4e42:3::300
3.126.15.128
35.244.159.8
37.157.6.247
47.252.78.131
52.84.45.48
54.192.216.62
54.192.219.37
65.9.71.76
66.155.71.149
69.173.144.165
75.101.244.20
85.114.159.118
88.212.201.204
00a04aa8b5c1edcb39a4dd34121a4779adccc0a33c6c337da5eed7525b2304ce
0110b17fc4f574b960bb8bf1729e64992d215f27ab8a58e169e86e2ca046aec0
024da1d314ab0eb376d8871b1df98af36436f044975d02ab2d0eae9b1db8d5a3
039b97e4bfe2db8f9edce5f00abd74d9993022a284efbf38eda37741b944910e
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
07885aebbfe566d1d8cb891f5dcce784aaf84dd28b07b89927e3452ec3bd6817
09a7449f1b62dd74d9b124ec89ca3338f59e86ec8016b8e22569f9c78cdc6ad9
0a0783be720feb66901e2799c5ec32fe2f976dc743730b898565360e5392885c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c44e64c9678862ef60aa0780030e5db95031a5a55aa16e9af648a603869d92b
0cb46af5dfac6a4f8315df6d367b620e16e2b76029d8306555f87b97da3e2cd3
0fa20202cef5b5d9e5bd40342eeec822cb60c40e63d50b10d6b1e0f16f3dc7cc
107d5370a6c9dec71176ad9ef4f8446b37244afb16ca9b5594465068eae2c47d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1420f87ff3d4e3f0a504fdeca92e448bb437bc09311f8f8ccab5540021f0195c
153eb9e02d8ed1d473a48099a28d201974cb80e1b43d4802d1457f95dd9431fd
15ac8a62d6a18ea8ee5a34000d75d41ccfae2bb9d68c074f61bf2f077ce812a8
1940b26925eb0e8e46f4ebae07b5415f29263db8612d07f150ff463a24f574da
1bdbcc8707396dcd446cd847e71d87cd5e26d34e9a67abbdf8141a8fff4b44ea
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
1e75071b75864bde0aee273b736ad29cb077a42d7648096229a9bbf07f5f34bc
205d7f8f1f9fe59b6b690ee1587310a5a07d8984f2f0f396ca902678575c66f1
20a1c4b20cb61a72b4ec5c49da4eb5ed99e8f324db8804b59cdd649364bd48df
20ce6608c05dcf64e5a0b4306782a06a7778c20efa2055a9b1ee9222ef61bae2
242518bfeedd5cb48b159034afb9b8af9855d4554918b3b43652b43169bab9a4
245fe27886f6e6d08e65e41f2eb0e17efd30273699a9fe3cb0bb9ed59ffffdd2
24e8175a092a603c3d5474ea3b1df7d0150270a44cf2e9858852c58962ec7178
256dcd25efceb57914dd7fbb366e8ef93aa299bcd26d161a52883d387b714b9f
274cd2cbfcb7f9476d481453d726c6802d06b3251d2426e1a2e56ab6c36d8516
298297a283ef32eec9bb54897d146afbd4098f1b1b4bf42b3982108cbf87df12
2a3669e0cd9ca45b4909d892a3d4a011bac0af33b175db75dafd252199156c2c
2a4a64c9a77edfde7faedb906007d3acde8a69fb884ec4659c18fbcad7b4cbc8
2b68b12dd28e2eb60decfcc1aee672ceced2684badecd7a07e75567afda2577b
2beb0fdea647dc5e2861b1bf8f78f3767713bfc17e09a01bd935fe2674f5876e
2c32661482af7095514a8b2b5ce196b031ea746c113cb41f25a2b78c4973cf3a
2ce64e7933469e1da3f4a036094f57b191bc66f877991e61c24781fdad1590e9
2ddc992b8d6d27d8ca637c02c5924f6e5cd41131a8e90f58e806ce0e278876b5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fd7d87f7206afb6b809a80f43ee5e7b2c9678303e267148769245fd66ee72b3
30ffa528c2265a5b93b002af7b7a4dc66227facb219bf41c0053e417da86275d
316428641361f48a61052ea435aa2a1476f4e94c512ff8cf4cfe6c79d70a7c65
34d6478be15fadde340d9ac03791342358e96990e23fadba6f6288cd008bf2ea
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015
3a433782be5af67244d1751bf65276ce6390e359daf9f957bd37d9f12e9ca68a
3acbdd552763b0b541b58f39e907d582372833618251106d089628f8b5c63fc2
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3d519cdbd6c838d5f6f88b2f64e4f52ac295d6535eb57d170a1bc2d11eb5dd89
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40a6c37311076841d4b64a6919423a262266798e3d5776c88ab994631546446d
452dca1d1185b2d864184bf3b49b4826feeb27ffe67a138123dad66fdc1f7770
45a4e4446e78289f9dd2218b0a590e48c6065dab0675dfbf5b5a02aa9b9d2864
46dc7588b8ddf1bd6548845eaa2e2a848f9d3e329bda7155e9982c7c76c4692e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c36edc29e41874a1deee4a869844a176f9758db81c0b455b1dfe96d005a1ce6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e9370507aafca78515f47d855cb4f397fde7dcf8e8f2e6c01adc471f113c33
53ef2f1b20680799a9b9b91957b72ca5e538cc622771c99f72bf337a16545b4c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55728f81d691005b6eefd01424f0ae5051df5ec5664d9600aae376c1835735ea
5a7d9179c3bc5e50800997de515dce4c68a34aeb961deb354bcf75ecfff55ee4
5c4092ea428668798f9b1c2acf0b246f7c96c2012a055f0f2cb29c65eea38e86
5c741c67d913bf015fbd4913bf31d68c514a6c51bf9a7f6e6bc138295f5bb838
5deddcf3c33551cc238c9632492d8007d36ae9df7474375f857780bee373d028
5e4f5b617fb7834bc83faf9fcc20f32d01c8ba8d1d7d7aa071218d0663570e4e
607dbeb67a18901cfff479c23f04fe0e8ae64d11ab3e4d3b6e67f2b05bc271fa
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60ea776b54fc7245919c6dc6dd8bc09e9f6fa90d815e3959794bcfa21dc1cba1
6112cddb910e088b93080c33f381f4be23bfeefbb49e831cb994392187b7e299
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62599bca8bdfadadd9829a129c3ec8f948ef78cc8f5812ca6ffd0ce749163d01
638268027374998c4be2b8998270b59a7b8b3020af2e07a0333f984a464721a3
642360414edbbf3b377184d94cc5ce4d197e2a723909914a2831556ac7944981
64cea54e4443df86b1b5d951ed7014f6c03adae0748b9fbd83af599f738c9b79
6630f428d21b16f1cbd52c7066fa2b34b6c7708ae7abb9a69bc82624ef0c4c38
6827ac528ded78425f584499a25ac85e6103451fb13e2e5a0a39d745081c7049
6a14c5ffe3de43da3a2c7f52c28be717f0722545756e941f2ca08e3c337162f0
6cd8edbf389e02371d88a857d35fe18225d03d8fa676274509bde04d8048585d
6da7ac25e7c13905a29629c5e7e8bd11f63462a65f74cbd47d6dc6d97119b4ed
6e70e4c1c5fe049617156d765cc404e7464f18b07ef193cd51920f3ba0c1346d
6f1675c14e276d61e6fc81c1f1ba0f57cace1af9ad3d40cc1b18c0d7fe8a6089
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
714a02bedd57b25b4f6788f568b9c56d2d1f400d83ac9a8e5a3f4b0f269a93ee
731d2da90f17aebd8ed017a967237bec11040bed9f836010179c7e987b9d1545
73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb
73f501fc27fedbc938e3b122ade22318a96b26d208dc9f686a50fbcfec88db3a
77b3bf5f5d3dc853e29245065f8d05121e19b37fcf049d8746c96650aad6795e
7b8e10724225c3edb03bb7a23c80581a762a52316f817f28b5fa9a09526d31e3
7bf2fe177d65e758281456b90ae919559031a7dcdc8460a0259cbefd866744bf
7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553
7e234b43a45b719a607228464cf9bd7db056ec971072e9b6311c01c43820c34d
7ec3ce8433295d9af76d8559fe5ca991051401c64fa781365c94f9edf7c2fcdc
7f4ec3ba814461d9af04b81c80bb4b5153145a550d8649b1be6d2f06db39937f
7f96ddd320c84a1f34ca18d23f82f94009c2b2e076ee832b4689828d9840d4f1
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
81d4ddb8dbb2b76c7fdeb62b6018aecd72e75206d47ea26a397263c2446f63ef
82c29c841e58e6aaaa06385aa4a791adf0b72e88b97439452e7964e53033e638
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84136660f3fe4b1dae0fc3e1f43995cf8c82527ff6764c6548406fc53a2df5c2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859993273dc305e1ae006d17929e97f0125f64d2a78c3d6ffe4b55d33f29f142
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8addba557956c39dfb0d04ddad5a86ef7aaec8038d7dd60ef7583cb4aea1c2c1
8ba195fd9856b34f40709120bc1338d4bceaaa0d50bcde9cb96ce0fc5b90b142
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97a71f66fc850e01d8055107c0dd85128358b51f131966292ee05a1f9856f2ae
98f28ffb9107b22e4190592ea281c151371017f1f34aefb9fdfda522070a893b
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abaf74ff6501b55a5f6b77cca50bdff263b12c8dfd33e5783fac456cfe6ed9c
9ac27ed883a0df28810d998581a791e35183b82004d75ba922c0b73a65d14f54
9b01d2160fc4faa66e40f8a86b7d81ca0c0c9e14969987a793ba1aec17b7231a
9ca0d13ba13079188d19f996ac9b9bc39b35ebd01053cde1c0bbb394b757fa92
9cef241bf695fc9dd2b515838b3155a44e8f4b6cae237037733d67fcaf87b410
9e615a4aaff51112e7a99a67f43803977484797a4602685ca96f093e87a1ea6d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe2fd87d4116d0ccbcb708eb81fe8070a612131ca258cec1d564e61d147cc7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1fe36f0564aaef0ae578254f84691566d9432d0c02b51ff512031bd318acc04
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a34f750c924980128fea4ff5629ee85df47222741cc2002acafb6ede10471d8e
a44682aa3fdacbd02411548399f1e854028ff1180f7ea7e2e1e2d298e3249ec5
a44a3392430e257a20543b7bb315df373b17dcc7e3b2ad2314bec8b2386b1c64
a498f099f3222360113678dafd9646d1dc360e4cdc213bec664b07fb27f93b1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a563daba4fe68c9942305b575d7ffb5521aaf723f7c0439ff16706d2e073ce9e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6667b45713f6bd87b9a24bff242adcf81dc97a7b917377ec362dd32547a6fba
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f8acd4db4af0901f21e78ab396afd16ca6b6db8b6b98e727e3b1bada4914f1
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab17ddac12b7de4011d5d291708a4890367684178de570623362a3316033549a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00c0eaa396353b0a6527744862873326180d3659b94aa38658017dfc6f234e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4dad6ef0fe636cc10fc12e15f7c774083209a11075bd92fbeea4d573d363a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8b19af75b77e8d96706f9c314513e0a15cd1093c3c59a0bb99c8ba2839ffebf
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b93dc28e453320f021269ce14d25c62c8b21c3bf39557e335ce9642c0cd49c33
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
bfacb51c7e0885f8f53d0c224d45a0d465396600aa03090fa02a5fcf491d8a39
c81971e19b11a9ae41a77ddda670e802aa70c8e3efaf8ad4d75691c1b0957b65
cb43e017223e2a531fa7b866d1968ec3a68cd52ccf5849a282de351aa3cd56ec
cb6600669772087709a4a4202ede1cc8852480fc38ae81914d548c0017b1b326
cb8f4223d001f1e3235cb74d09e952217df7a067f1fb723b6b5720bda52ab92b
cf008ea50216e14d67c03a9a37519774dbcb1f03a17767ee63e4f1ed967a25fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d09e255043f49dc8e8457829826dd4c4db091f857a7ca6fca26613266bd82b41
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d235c24d60876585a1949942248f4b5ed7e936829a4706bf70e00483a0270f54
d44de562bca74762c1fe38491057b654bf67752cc14396a0f08d6da696159bdd
d4cb55e40214fff2a9d0c6d60a114800493f95afb896262d286cd395da7511c5
d4fb0d427ce09b9ae2ffd00c427fb2da298e16bb30cf77a3de7d6b30ad21e322
d5cc7d71efaf00b363b33b835fa050a71bf6c65698622f0635866c8a24a24ed3
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
d6adc7cf8bc9027ebe6b5434a0b1420b9926a09835c0d5645d9d2257dd550e2c
d719d906c16377af549e87a0c0128872143ded1478c372b4dc2268d9e207299a
d88f506ca05b17dc2be1ba3751bbfbf2359483ddd2020ca3b94d236ec4fbef6a
d9d8c24c62c219b81212de073edabf87daa25db193a82272578819c7b8223775
db128b9a0a279a178ebefa264101fcf8c0e722488f048a9b27b33e30dfc6d597
db76deba860a5b232f1a6dbb2dd000aa0a670bb63f9dc9283b5a06122822f172
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d9117e8001a95c85738c65619f13e1e9f363d72ac04725c48f96abbf9b4dbb
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e801554ae5f3c178c9486025670386126a2895a18ed7b8a321ccebb7622946fb
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ea7dfcdc42377aef75d4ce41c49630d0ceb149b92d681d928909034c40151fd0
ed9dccbab3c367d75315ef5dd60dc9c8a14d4c9113ba3157a254f5bcda4e7356
ee3ff8f17971dfbb97829280552c3bc404b34d3b92d2ddccabd17c5c529a20ca
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12847ee6a53c64a74234fcb5547474a0bd7813f38dac4685322a4228b03882c
f1288a1480b86548d31fa33fe5b29de98e90250e24758f5f79461d9ca08e34ee
f4d9115104dc3086ffd82eba09aca64df61b5614cc9beedc2f3716455a2bceed
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fa2f121ec9dd0d5b0d523ff61e37089fdeb595c2d4ebe34be4e67d8bee6a7e25
fa715b659ac04819187bf153e25b5f6230dafc5870bd4ad5a91a93b5c7c264f3

www.rt.com Open in urlscan Pro 2604:9a00:2100:a017::179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

266 Requests

98 %HTTPS

41 %IPv6

50 Domains

95 Subdomains

66 IPs

10 Countries

5876 kBTransfer

13638 kBSize

6 Cookies

32 Outgoing links

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rt.com Open in urlscan Pro
2604:9a00:2100:a017::179 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

98 %
HTTPS

41 %
IPv6

50
Domains

95
Subdomains

66
IPs

10
Countries

5876 kB
Transfer

13638 kB
Size

6
Cookies

266 HTTP transactions
15 data transactions