www.btimesonline.com Open in urlscan Pro
138.91.226.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.btimesonline.com/
Submission: On November 25 via api (November 25th 2024, 6:54:48 am UTC) from CA — Scanned from CA

Summary HTTP 254 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 25 domains to perform 254 HTTP transactions. The main IP is 138.91.226.25, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.btimesonline.com.
TLS certificate: Issued by R11 on October 22nd 2024. Valid for: 3 months.

This is the only time www.btimesonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	138.91.226.25 138.91.226.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
61	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
4 8	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	2606:4700::68... 2606:4700::6810:e1f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
22	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
3	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.28.101 104.18.28.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:2141:d800:1c:2afd:fb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.120 141.95.33.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1	13.226.34.99 13.226.34.99	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:284... 2600:9000:2840:1800:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	3.221.57.175 3.221.57.175	14618 (AMAZON-AES) (AMAZON-AES)
20	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
3	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
2	18.238.49.74 18.238.49.74	16509 (AMAZON-02) (AMAZON-02)
20	2606:4700:440... 2606:4700:4400::6812:25cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.51.58.26 23.51.58.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	52.73.131.229 52.73.131.229	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1	192.184.68.228 192.184.68.228	14618 (AMAZON-AES) (AMAZON-AES)
1	209.204.229.80 209.204.229.80	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	2600:9000:247... 2600:9000:247b:5400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2006	15169 (GOOGLE) (GOOGLE)
1	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:730... 2600:1f18:730:b130:6a2e:9644:9d1:f0f2	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.58.216 34.193.58.216	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:1f13:800... 2600:1f13:800:7781:6056:61c2:f314:9e75	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
254	42

1 138.91.226.25 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.btimesonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.btimesonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
datacdn.btimesonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:f6cb (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tradingview-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e1f0 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3021.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3021.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2141:d800:1c:2afd:fb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-99.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2840:1800:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.57.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-57-175.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.49.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-74.jfk52.r.cloudfront.net

content.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:4400::6812:25cf (United States)

ASN13335 (CLOUDFLARENET, US)

media.adcanvas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.adcanvas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.58.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-58-26.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.73.131.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-131-229.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)

pixel.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

exch.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.228 (United States)

ASN14618 (AMAZON-AES, US)

pixel-ssn.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.204.229.80 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5637.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:247b:5400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:6a2e:9644:9d1:f0f2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.58.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-58-216.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:6056:61c2:f314:9e75 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	btimesonline.com www.btimesonline.com cdn.btimesonline.com datacdn.btimesonline.com	2 MB
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173	906 KB
25	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6954 router.infolinks.com — Cisco Umbrella Rank: 2853 rt3021.infolinks.com — Cisco Umbrella Rank: 76470	301 KB
22	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 ad.doubleclick.net — Cisco Umbrella Rank: 145	237 KB
20	adcanvas.com media.adcanvas.com — Cisco Umbrella Rank: 25277 analytics.adcanvas.com — Cisco Umbrella Rank: 25829	610 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 680 static.adsafeprotected.com — Cisco Umbrella Rank: 639 dt.adsafeprotected.com — Cisco Umbrella Rank: 537	112 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3 Failed	73 KB
8	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 740	978 KB
5	quantcount.com 1 redirects content.quantcount.com — Cisco Umbrella Rank: 5185 pixel.quantcount.com — Cisco Umbrella Rank: 3431 exch.quantcount.com — Cisco Umbrella Rank: 3834 pixel-ssn.quantcount.com — Cisco Umbrella Rank: 41371	4 KB
4	liadm.com 1 redirects d-code.liadm.com — Cisco Umbrella Rank: 3414 idx.liadm.com — Cisco Umbrella Rank: 1368 rp.liadm.com — Cisco Umbrella Rank: 966 rp4.liadm.com — Cisco Umbrella Rank: 5689	48 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 1059	543 B
3	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 2238 sync.intentiq.com — Cisco Umbrella Rank: 1052	3 KB
3	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1329 lexicon.33across.com — Cisco Umbrella Rank: 1453	7 KB
3	gstatic.com fonts.gstatic.com	68 KB
2	casalemedia.com a5637.casalemedia.com — Cisco Umbrella Rank: 67830 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521	303 B
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 12927 in.getclicky.com — Cisco Umbrella Rank: 11405	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 506	146 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	46 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 1848
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	292 B
1	tradingview-widget.com www.tradingview-widget.com — Cisco Umbrella Rank: 27723
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 332	33 KB
1	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 16886	5 KB
0	id5-sync.com Failed id5-sync.com Failed
254	25

	Domain	Requested by
50	datacdn.btimesonline.com	www.btimesonline.com
34	pagead2.googlesyndication.com	www.btimesonline.com pagead2.googlesyndication.com securepubads.g.doubleclick.net blank googleads.g.doubleclick.net
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net imasdk.googleapis.com www.btimesonline.com pagead2.googlesyndication.com
13	analytics.adcanvas.com	blank www.btimesonline.com
11	rt3021.infolinks.com	resources.infolinks.com
11	resources.infolinks.com	www.btimesonline.com router.infolinks.com resources.infolinks.com
11	cdn.btimesonline.com	www.btimesonline.com cdn.btimesonline.com
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
8	unpkg.com	4 redirects www.btimesonline.com
7	media.adcanvas.com	blank media.adcanvas.com
5	dt.adsafeprotected.com	www.btimesonline.com
4	pixel.adsafeprotected.com	1 redirects blank www.btimesonline.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com blank
3	static.adsafeprotected.com	pixel.adsafeprotected.com blank
3	pixel.quantserve.com	blank www.btimesonline.com
3	router.infolinks.com	resources.infolinks.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	ad.doubleclick.net	googleads.g.doubleclick.net
2	content.quantcount.com	blank
2	lexicon.33across.com	1 redirects www.btimesonline.com
2	sync.intentiq.com	1 redirects www.btimesonline.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	rp4.liadm.com	www.btimesonline.com
1	rp.liadm.com	1 redirects
1	ssum-sec.casalemedia.com	blank
1	s0.2mdn.net	blank
1	a5637.casalemedia.com	blank
1	pixel-ssn.quantcount.com	blank
1	exch.quantcount.com	1 redirects
1	pixel.quantcount.com	blank
1	z.moatads.com	blank
1	www.google.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
1	idx.liadm.com	d-code.liadm.com
1	96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	resources.infolinks.com
1	api.intentiq.com	resources.infolinks.com
1	lb.eu-1-id5-sync.com	resources.infolinks.com
1	d-code.liadm.com	resources.infolinks.com
1	cdn-ima.33across.com	resources.infolinks.com
1	in.getclicky.com	static.getclicky.com
1	www.tradingview-widget.com	s3.tradingview.com
1	www.googletagservices.com	www.btimesonline.com
1	static.getclicky.com	www.btimesonline.com
1	s3.tradingview.com	www.btimesonline.com
1	fonts.googleapis.com	www.btimesonline.com
1	www.btimesonline.com
0	id5-sync.com Failed	resources.infolinks.com
254	49

This site contains links to these domains. Also see Links.

Domain
www.businesstimeschina.com
www.tradingview.com

Subject Issuer	Validity	Valid
www.btimesonline.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
cdn.btimesonline.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.tradingview.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-11` - `2025-11-10`	a year	crt.sh
datacdn.btimesonline.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.getclicky.com E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
infolinks.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.tradingview-widget.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-03-19`	8 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.intentiq.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
adcanvas.com Cloudflare Inc ECC CA-3	`2024-02-14` - `2024-12-31`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-27` - `2025-09-27`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2024-11-04` - `2025-12-06`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-08` - `2025-05-08`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.btimesonline.com/
Frame ID: E715BF52BC1ACCBFADC74720578E8CA9
Requests: 137 HTTP requests in this frame

Frame: https://www.tradingview-widget.com/embed-widget/ticker-tape/?locale=en
Frame ID: 817D9E3AA4013F7719DB5C804349E4F3
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3296558&wsid=1&pdom=www.btimesonline.com&purl=https%3A%2F%2Fwww.btimesonline.com%2F
Frame ID: 486680EA7D68F1F72BCC3E54B502778D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: AE55BB6F6548106E068B82251A4B3131
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6972463087035118&output=html&adk=1812271804&adf=3025194257&abgtt=10&lmt=1732517679&plaf=1%3A1&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.btimesonline.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732517679281&bpp=4&bdt=814&idt=196&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4850998781738&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088961%2C95335246%2C95345967&oid=2&pvsid=3907910928481&tmod=1462561367&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: CA548DB1354854D51A6860CDC8959BC2
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: F8FE1DDA28E680289E70FCDE9EA460F8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 84D7EAD64C82E4E4813DAD37A9185660
Requests: 1 HTTP requests in this frame

Frame: https://96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 075121A6258916B07F2E9922E246BE46
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3-evm7zqiPk5wHdi4Qw6BjEC5_oYWRTd9nUkBmWVUytdNR0mwjJPGPkDi9OGDOzcQXcglk6PdCjPtsyJdCeI0QhZH5XKkqtnMIBXhuHQkQY4WFWwI4U2hFkdDdxirws0SaOGvonCmhzCfjuYXmFPbXz3-AtjDL64jIeovY8uqL_QjH9arughLm6VxD585Oqns2JbgX8p-yLLFfviYrRD6k3c6mrR85noQ19JGvZLeDtG6wPSLOjxsTTk_-wj6oY0jZtO4ycDNEUZCawmfyt7Otq7EpO-fc8Kcvf0yVY6SDiw-0ETEBHGsi2_40tKE3O0Zl6ausALFquZ650Im_W2cj52gf_TkAPkdfu5uLJUsDo_krV04tHR1NlPDpeSsKvkh59knHsZ8KvVxJ4ogYo2rBw&sai=AMfl-YQU6hcHBoLqbzQlXQrd-yylJfRZF5irYYGsRUubxBF9fcr-mDtN6fNrnqfG3N28zUFiMSM312r1xyW0ehYjPkLv4o5pC9kqRtnShgD-0cqqcNXFpHeZKwckU9s&sig=Cg0ArKJSzCILVumwGT38EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F139670413D299863B03323361F0C9BC
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj5UEJi0a5DIY2SDiztfSC5_jlJla6KFETykIJkjF6UxSbBPNPfvyTRTUZB57iqMGNNSiEI8vWMAEi26O1_FevgYwuZbJEZN8ms4Yh90-lc1AGcKDJIhNgquwx1U_upozBVgVhbppw6El0eJ0r-Sb6kMqUbzaw3OKpeiEQr0OL9Sxr1AyDRBlTBV44d2_Vdm1EaPbnxVMysHZDJHBV9JF1tqX5UKMG5pJ_isDqQiohQkP1BZuQCrvjsJf5Bu2aFB3pKdn26GUL2bAsC93vshtvZV5r3HX0bZsXxlddeO0q95zWwkRtF90xLkSIks-NSG08Ve3Xy_V2f1eomQ3dFoClZYDDKHL8CFAQIR-yRQ5QJ9piHo7XKHEH-f28P6XxYKqt16wvLO_Rzyv5R-dBvA&sai=AMfl-YTo8Dh40LcV3MdjCBXkNRd9hxDwN4OOzoB5wibDQEkKugKUdPjb_o5P90QGV6iNdJahibiqOGEqvvmebWWu4gebyx9KihDfoKD9qT66ZedodGyOjhyRjAHgPo8&sig=Cg0ArKJSzGf02q0JYyDYEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 82AD9F5A96F746C0E4A678EFF1D2C8A0
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIQTL8NQPkZlyXZu6nXJpKKRA50UQDMyXGnG1quPa9eeM87SyEzZ0p9zWgypYbDqpqf9pyxvgkqvHjm1iQ6k6305pezGX4PPIetggWc1khPu1eIcSGhI6foehsA5pAQ_yOzRFKobhpx_k6-3xLnb9P9-ZqDb6FNVpZ7xa0cTdizlVVylT-rl3agEcXXbBsUBETCXzoLj8XAnx0Aj0xuvujlABrfHpyuU-C-9jMZCSsFXs7BdH58-jttGjKkKG74JaroJ-5w9--U8hhOX0CmAfixhiVC567OP2370l5tp0TV0xmLM19EKsVFFzSq_5iyIvYzyCUwu38LrF0diT5rBA8fkuUKQLpMCDvxTcI7iTb2ljql0rja-Q4jjmZnIJ5naMAhG5CA9BcHIv_OcQ&sai=AMfl-YR9R5oH4z5WU6HSTbEbuNWN5rRm4A0hauvoyNsOfu_qcpZ3Zc4lZFi0cJOGWCsmlyZKaDxz-NpsbTH5r1mWnIV7Pl_9J4kRLhLluHmLUiJb4zPt4v5WFJI0d5A&sig=Cg0ArKJSzI1TXw3e3rEyEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D8E19A9159665B892FCDD5E00B63F145
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulLMARXnC0dcQ9JdkLgszdfEslQ5QDcGnsK_QF1qr3U8em5iB9Previ3xUd5EggjBpK8ZGRbf2L6hqKoHuk1KZJ9f9HuTudfgWbT-nVdTpU_zdogO2XWaie3IouXZtdbbp0tNi8zQzg3RCteiuOsLyBNz_1e551m9fqrzF7Tljx9hQVBO1MgRbmBREi14zFaxe1QkBy3R1x45VAZNmAf04ejBMUNUbCS2Q8MLHJczPMfCuHodVIgSl-HRZFTZSJPQUqOi0KNPdAuhbrZZ1G9_1Rv-_F8zfAx4ddqADbtFSw7tP-2BQn5ma4qDJ5JRvAlbegUuX8CfbQFT-x__i0eDMXSoJS86yi7g6slnvWEtVMz_EP6ACz1bKVAFFisXlOUuy8MUExuTjY6A&sai=AMfl-YSL-yqjm0I9YNc8BOLuIQaJ5VvfIed__ECji0CNWaa1lUiBXRVp4vsythpVTCaejMZFE3-YaWCnB5uwlOhDfRfPHTvK1ITw5l96GIMoqEl5z3d5hJy9k9B9MKc&sig=Cg0ArKJSzETRBZrxVP8WEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C7087B467E6DEF8428E397E1F70A73DC
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoGpm0J4WL_FBbITLBU-V2n-aRGz3U-55C5ibjAi0ARsOoBA_K44agAWKCbJT8NI-EqflAJjSnTCQApmRrl4suingNAy3zNFUHyfwOdvxISYhkQW2XCOD8b3n0MrPQsaqaWTk_z-y1ja28bUFsLGbpk1DkTo86hWCytMflZj7XvKjIvj34zWmz8XtLW0srUqBCIS-OxcjOLWkaUEffdS4_3kLX4csXCbf-mXp8Id0MwEBo5Y090cG-c5dj4low9SoEWkfHOwPjBXRl9eRo10TkXgdXl1hYvD7V64V_wrpg5i9Jf4u_zZKHkxX6dsYLE0ujSyna247nMIWFuRmjg8xpyvfcs4ukAr0y3mLIn_oi8XfVeXoIs70lArx2krkyyFFQryxdud2rmDNOt-s&sai=AMfl-YR8_8CS2kt1azEbdmy2K-3V9_AYatQLyaeZmJsqM0eM2ypaxKF7B6E16vuOdWypoQ72sjNrL02J2KAuSLqgcSCEJSmV_ZRBdfdcJe77ZZvAjBFtvlOS_YmK4Xw&sig=Cg0ArKJSzAijJ6kG6yckEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: CD834531540F94AB456CC61077E3876F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEc1GHWs9qH832uukk0To0nZb49T8UPAywC-0jsEbErmHZXmw8YH7U5SWtlzA7A3ioIhOwjmzVQVUzsGGGSQFbK7bF3zKVWFRLbVKnuTYJsQ0fvth9302K0xQlbF5QPqEfIwgi7gfOqkOk8Pt5iFwfcImHauHSO3nu0J9ohqigBkrbwb-uwc0siojsYMZXo2ykXXA207ehDvDn6cHQFAJXpdKD-Se-8Ky250aPRrTqTPEk3ySlDE3WKV9V5LwUImXx3-DeztJoNv4nQYUhjL_olV4LBrRl5h_OIOupOxYIpxe9aruCdScDJIpMPfl2g7QbnDCjt4hsywby3Z0KGk9-vm7Kkuo05WIA1NtYUqo6sixA18c13wac79K4tgHbOwlLTWxph07O952ijkY&sai=AMfl-YSZPJAh2rx78jLmXjz4AzcvxK_CzG9yp2e2yAKZ9S67TIYWzfpRfjBDCpvDb9qqGEwUJWyZrjbOI_Wu3dM_bjLciDGA5ZTwrqgV9NHQIE3qqwgasti4KV1aSxQ&sig=Cg0ArKJSzEg_59xKvia9EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: AFEBD837C16787795601B101FB065B95
Requests: 10 HTTP requests in this frame

Frame: https://pixel.quantserve.com/pixel/p-y6Nyh2U0YDhwK.gif?&media=ad&p=0.427&r=758704&rand=858187888&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.9059957,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.143&rtbdata2=EBc6HGh0dHBzOi8vd3d3LmJ0aW1lc29ubGluZS5jb21aJDZqbzNfX2RvTThXcWYyckg2WGxLX3NZNFVjbnNXbXFRNFpBPYABqqS3nAW6ASQ3OTNhY2FkNy1hZWE2LTQ0MjEtOTkxYi1kNDBjYTZjMmNiMTXAAfiHGsgBmKfnkLYy2gEqNmRmZjQzZTUtMjc5ZS00YzI0LWJhMmEtYzNlMTMzMjhiMDVjfjI5Mn4xsAIOyAIA0ALO4Yb7-J_3zKkB6AKmAfICDgimARD_kIzVsPrU1a0B8gIOCIG7KBDhqrr4sarJyEX4AgCKAwczMjk2NTU4kgMJaW5mb2xpbmtzmAMAqAMAsgMEpgDNDboDEgkNQMeUzQ8lsxHIjrchoX6mosIDEgmaT_5ICdq3DRFiDbqmpLgDpMgDoIDAE9gD8NCbmQPiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ-gHyAwloM2glMjAwYTH4AwCABPIYigQCNzeaBBIJfkFZIgFDxBERIcUb3FQCqaeiBBIJDUDHlM0PJbMRyI63IaF-pqKqBBIJDUDHlM0PJbMRyI63IaF-pqK4BPAQ0AQZ8gQCQ0GABQGKBSoyMGU3Y2FmODM3ZDUzZWNmMWViOTBjMTM3OWI3NTYwYjI0ZDYxYWI3ZGGQBQGaBRUg58r4N9U-zx65DBN5t1YLJNYat9qiBSQ2am8zX19kb004V3FmMnJINlhsS19zWTRVY25zV21xUTRaQT24BQDABZCv5OYMyAX1_KgE0gUGCAIQAhgK6AUHmgYUChIJfkFZIgFDxBERIcUb3FQCqaegBgC1BkKALjm6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGLEgymGs0kgfqBhVodHRwczovL2ZseXBvcnRlci5jb23xBgAAMphrNJIH-AYBgAcA&fpan=0&fpa=I0-916056253-1732517680714&d=www.btimesonline.com&et=1732517680714&sr=1600x1200x24&tzo=480
Frame ID: 32CF578978BA93D3E4D74C2F42CC2DCE
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COzZ3AIQ9PjnAhjhgKydAjAB&v=APEucNUIbCOue6CWDtlYTcvH_EgiVMXD3xb7kDfjQXZgWKEghJVZbH4bwLHHFA1eQfcM7XXgiSo84bGOPObVmFHYwybPoL0vbA
Frame ID: 74C2421400A76DF785CE6743652EB24F
Requests: 1 HTTP requests in this frame

Frame: https://a5637.casalemedia.com/impression/v2/460422/85/ct21uc7pdr6f2do4r08g/57a6b102-af55-4aa7-a8a1-9962296a7c51?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1732518280&profileIDs=&creativeID=32e9d74&pubID=191306&format=banner&channel=site&ap=0.39&ee=1
Frame ID: 71FF6898FC69D58508111848A8856E27
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=191306&gdpr=0
Frame ID: 92A7245D56C4451DC6524F586B05F6BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4E141433F1A3A2963C2C42521EE10F0A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 90B08EB6EA56FB53F7D55F74C858F3AD
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 547F35CAAEF07FE0FDFBB10E5B0CE8FD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1C6187F1B1D0657D66DAC82CD0F5999
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Times - Business & Financial News, China & International Breaking News

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

254
Requests

92 %
HTTPS

63 %
IPv6

25
Domains

49
Subdomains

42
IPs

4
Countries

5581 kB
Transfer

13219 kB
Size

161
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.businesstimeschina.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.tradingview.com/
Title: Ticker Tape

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/video.js/dist/video-js.css HTTP 302
https://unpkg.com/video.js@8.19.1/dist/video-js.css

Request Chain 6

https://unpkg.com/video.js/dist/video.js HTTP 302
https://unpkg.com/video.js@8.19.1/dist/video.js

Request Chain 7

https://unpkg.com/videojs-flash/dist/videojs-flash.js HTTP 302
https://unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

Request Chain 8

https://unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP 302
https://unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

Request Chain 97

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrnd=181_1732517679777&fbp=2785070349&jsver=5.36&abtp=100&abtg=A HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrnd=181_1732517679777&fbp=2785070349&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=npBofoQFvH&nc=false&trid=-1329716359

Request Chain 103

https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0&b=1&tp=HE1%2FF5XE0WT0F1H7dmbiSLPJAfw%2Fy%2FA%2F9N0AfxZLlH4%3D

Request Chain 187

https://exch.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model= HTTP 302
https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a799192b-624e-4308-9e81-f8d597db4e00

Request Chain 218

https://rp.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimesonline.com&c=PHRpdGxlPkJ1c2luZXNzIFRpbWVzIC0gQnVzaW5lc3MgJmFtcDsgRmluYW5jaWFsIE5ld3MsIENoaW5hICZhbXA7IEludGVybmF0aW9uYWwgQnJlYWtpbmcgTmV3czwvdGl0bGU-PGgxIHN0eWxlPSJkaXNwbGF5Om5vbmU7Ij5CdXNpbmVzcyBUaW1lcyAtIEJ1c2luZXNzICZhbXA7IEZpbmFuY2lhbCBOZXdzLCBDaGluYSAmYW1wOyBJbnRlcm5hdGlvbmFsIEJyZWFraW5nIE5ld3M8L2gxPg&pv=433a0b7f-382f-4e9b-bf1b-b4a321836a95 HTTP 302
https://rp4.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimesonline.com&c=PHRpdGxlPkJ1c2luZXNzIFRpbWVzIC0gQnVzaW5lc3MgJmFtcDsgRmluYW5jaWFsIE5ld3MsIENoaW5hICZhbXA7IEludGVybmF0aW9uYWwgQnJlYWtpbmcgTmV3czwvdGl0bGU-PGgxIHN0eWxlPSJkaXNwbGF5Om5vbmU7Ij5CdXNpbmVzcyBUaW1lcyAtIEJ1c2luZXNzICZhbXA7IEZpbmFuY2lhbCBOZXdzLCBDaGluYSAmYW1wOyBJbnRlcm5hdGlvbmFsIEJyZWFraW5nIE5ld3M8L2gxPg&pv=433a0b7f-382f-4e9b-bf1b-b4a321836a95&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjoxMw%3D%3D

Request Chain 239

https://pixel.adsafeprotected.com/rfw/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059957&ias_placementId=9160212&adsafe_par&ias_impId=545556141584809984&custom=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&custom2=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&custom3=p-y6Nyh2U0YDhwK&adsafe_url=https%3A%2F%2Fwww.btimesonline.com%2F&adsafe_type=abeq&adsafe_jsinfo=,id:bf260958-3f8f-b78c-5ac4-93fa4788eb73,c:v1stIN,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5c6979c97f-wfcnk,rg:va,pt:1-5-15,wc:30.30.1600.1200,ac:30.980.300.250,am:i,cc:30.980.300.250,piv:88,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:ctKpc1,mtim:490,mot:0,app:0,maw:0,tdt:s,fm:uv7tCZm+11%7C12%7C13%7C14%7C15%7C16111%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.2184108-81709832%7C1j1%7C1j2%7C1j3,idMap:1i*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:CANVAS.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:514,oid:24eaacef-aafa-11ef-809a-ca4675d93f38,v:19.8.553,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ff:1,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

254 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.btimesonline.com/ 71 KB
19 KB 710ms
311ms Document
text/html 138.91.226.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.btimesonline.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.91.226.25 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

766c3439f344d25bf4e05390b8e864fc2592cbe8696f9799d0c66c7aca4bf28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Nov 2024 06:54:38 GMT
Keep-Alive: timeout=5, max=100
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Server: Apache/2.4.29 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 grid.css
cdn.btimesonline.com/static/common/_v2.0.1/css/ 9 KB
2 KB 288ms
47ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/css/grid.css

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52cffae81b3ccf41a12d6099b6ab8e205275bce418c8ec20a5e4b826350c0f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L1_T2
content-encoding: gzip
etag: "250d-5a18fde15f9e0-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1582
x-azure-ref: 20241125T065438Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097ax

GET
H2 200 css
fonts.googleapis.com/ 5 KB
990 B 268ms
131ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i&display=swap

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c353208f8905170fd926a52de793e7dedb9e3c6079d1e6be1681fca8cbe8f2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 25 Nov 2024 06:54:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 common-v3.css
cdn.btimesonline.com/static/common/_v2.0.1/css/ 23 KB
5 KB 288ms
48ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/css/common-v3.css

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cc259e56f86bfe8da892c5a6301b262b2ecde56fbdbac1de00e59b99472bf85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L1_T2
content-encoding: gzip
etag: "5c46-5b09eda4c1d81-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css
last-modified: Thu, 01 Oct 2020 16:53:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4732
x-azure-ref: 20241125T065438Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b0

GET
H2 200 popup-v3.css
cdn.btimesonline.com/static/common/_v2.0.1/css/ 6 KB
2 KB 286ms
46ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/css/popup-v3.css

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3190d521e2af2986503394c423d289e53d53965dcd6ca6595d36d76a0fafb29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
content-encoding: gzip
etag: "16e4-5b378a2d9a63b-gzip"
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 1463
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css
last-modified: Fri, 06 Nov 2020 23:33:13 GMT
vary: Accept-Encoding
x-azure-ref: 20241125T065438Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097az
x-frame-options: SAMEORIGIN

GET
H2 200 homepage.css
cdn.btimesonline.com/static/common/_v2.0.1/css/ 12 KB
2 KB 331ms
91ms Stylesheet
text/css 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/css/homepage.css

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ec09d5c9109ac007e730e19c240d8d11f8364d34a6e057aa316c8115cc200364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
content-encoding: gzip
etag: "31b2-5a18fde15f9e0-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2096
x-azure-ref: 20241125T065438Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097ay

GET
H2

200

video-js.css
unpkg.com/video.js@8.19.1/dist/
Redirect Chain

https://unpkg.com/video.js/dist/video-js.css
https://unpkg.com/video.js@8.19.1/dist/video-js.css

52 KB
16 KB

138ms
137ms

Stylesheet
text/css

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/video.js@8.19.1/dist/video-js.css

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7bb783f4efc4ea8b8f1e92aa3b91b6296686f5ecd02c3402a3aff653e5714cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "d076-QOqMU74dicZAtNRTmxifqhEQEpc"
age: 2781151
x-content-type-options: nosniff
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JAY59G2CS5VAMGSQHQF5W94T-lga
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e7fba844c58de9b-EWR
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /video.js@8.19.1/dist/video-js.css
content-encoding: br
cf-cache-status: HIT
age: 218
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e7fba83cbcdde9b-EWR
access-control-allow-origin: *
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDH1CY9T6RFGA03QG2RK6C85-lga
server: cloudflare

GET
H2

200

video.js Show response
unpkg.com/video.js@8.19.1/dist/
Redirect Chain

https://unpkg.com/video.js/dist/video.js
https://unpkg.com/video.js@8.19.1/dist/video.js

2 MB
735 KB

61ms
61ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/video.js@8.19.1/dist/video.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e3e360dae8b6889e5b7572b4f781ee7519c4f7a5076e36ed2cd7335d562009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "23e91d-NK6RhI3Q9zYxfF3ksqOUNnMxlnA"
age: 1715549
x-content-type-options: nosniff
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBXXGMDSX95CHW9JX44T7ZXE-lga
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e7fba844c5ede9b-EWR
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /video.js@8.19.1/dist/video.js
content-encoding: br
cf-cache-status: HIT
age: 174
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e7fba83cbd2de9b-EWR
access-control-allow-origin: *
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDH1E9F46EYK2Y5P4MSVFRTW-lga
server: cloudflare

GET
H2

200

videojs-flash.js Show response
unpkg.com/videojs-flash@2.2.1/dist/
Redirect Chain

https://unpkg.com/videojs-flash/dist/videojs-flash.js
https://unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

38 KB
13 KB

61ms
60ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/videojs-flash@2.2.1/dist/videojs-flash.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "99ef-EigKzOQZJEjpPjsu+eGt9sbrqUo"
age: 1991124
x-content-type-options: nosniff
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBNPQ8XBVW3YN68V0NRWEM87-lga
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e7fba844c5cde9b-EWR
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
content-encoding: br
cf-cache-status: HIT
age: 197
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e7fba83cbd4de9b-EWR
access-control-allow-origin: *
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDH1DK6JECD64D1NB0KB7K54-lga
server: cloudflare

GET
H2

200

videojs-contrib-hls.js Show response
unpkg.com/videojs-contrib-hls@5.15.0/dist/
Redirect Chain

https://unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
https://unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

700 KB
212 KB

138ms
138ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa938226e6eddc96da5a52d7a9aba85c6b4eed0e56ad1ca66fd8f5ee8bb0acd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
age: 1711623
x-content-type-options: nosniff
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBY190KERX2RSE1T6TBDKKZ0-lga
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e7fba844c5bde9b-EWR
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
content-encoding: br
cf-cache-status: HIT
age: 151
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e7fba83cbd5de9b-EWR
access-control-allow-origin: *
date: Mon, 25 Nov 2024 06:54:38 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JDH1EZN6CMWS952Z2F29EW62-lga
server: cloudflare

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 13 KB
5 KB 208ms
41ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 186bcc05f5b870b7654a13f0263704082b3fbbce560aed44cdcb1b948cc1a081

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cdn-status: 200
access-control-max-age: 3000
content-encoding: br
etag: "6680cd1b6251560dd16b72be492888c7"
access-control-allow-methods: GET
date: Mon, 25 Nov 2024 06:54:39 GMT
last-modified: Fri, 22 Nov 2024 20:05:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: uwbtUhI1U723ao0Kj24sPW9ekAfgtK/ICXZEKHWIn6o5s7ZflQrKettlv08ZHdDlM4XKuk2edhUu+WVigJ47Ox+JFj5R85BmYjxMi+GWeCE=
cdn-requestpullcode: 200
cdn-cachedat: 11/22/2024 23:55:31
cache-control: public, max-age=300
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
cdn-requestid: 6727d4d94e46f06e3963938434cccd99
cdn-pullzone: 1837468
cdn-proxyver: 1.06
x-amz-request-id: TDF1Y5S99T8C7CVX
access-control-allow-origin: *
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: CA
x-amz-server-side-encryption: AES256

GET
H2 200 amazon-bets-on-black-friday-deals-in-early-holiday-shopping-push.jpg
datacdn.btimesonline.com/data/thumbs/full/124367/437/262/50/40/ 30 KB
31 KB 628ms
374ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124367/437/262/50/40/amazon-bets-on-black-friday-deals-in-early-holiday-shopping-push.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51c506717ecb4851d11f652abd558d74176d875e7ba8ffb6808d62f84df05890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:38 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065438Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpm
x-frame-options: SAMEORIGIN

GET
H2 200 ground-beef-recall-expands-as-15-minnesotans-fall-ill-from-e-coli.jpg
datacdn.btimesonline.com/data/thumbs/full/129919/106/64/50/40/ 4 KB
4 KB 105ms
67ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129919/106/64/50/40/ground-beef-recall-expands-as-15-minnesotans-fall-ill-from-e-coli.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd2d36f2b48bce7913b5a6624f56c7c903fe231853bf56e9b390d06891ace197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:50 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 3689
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpz
x-frame-options: SAMEORIGIN

GET
H2 200 bitcoin-rises.jpg
datacdn.btimesonline.com/data/thumbs/full/124006/106/64/50/40/ 5 KB
6 KB 95ms
57ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124006/106/64/50/40/bitcoin-rises.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a76a639d637e399b87ab07182a4c89b14021c5fe6d6314e5b37f59f94032282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 5473
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq0
x-frame-options: SAMEORIGIN

GET
H2 200 exxon.jpg
datacdn.btimesonline.com/data/thumbs/full/109063/106/64/50/40/ 4 KB
5 KB 103ms
66ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/109063/106/64/50/40/exxon.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9970196d4556b329f03aea66cc72c05c884b21112d5065a67568f505586c838e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 4529
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq1
x-frame-options: SAMEORIGIN

GET farther-lower.jpg
datacdn.btimesonline.com/data/thumbs/full/123573/106/64/50/40/ 0
0

GET
H2 200 u-s-pushes-google-to-sell-chrome-amidst-major-antitrust-crackdown.jpg
datacdn.btimesonline.com/data/thumbs/full/129882/106/64/50/40/ 7 KB
7 KB 131ms
94ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129882/106/64/50/40/u-s-pushes-google-to-sell-chrome-amidst-major-antitrust-crackdown.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05e1f9f91de1ef95a9342e1334773712a3974dcf67dc96bed52c3beb22807b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 6963
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq3
x-frame-options: SAMEORIGIN

GET
H2 200 u-s-vetoes-un-resolution-on-gaza-ceasefire.jpg
datacdn.btimesonline.com/data/thumbs/full/129904/237/142/50/40/ 9 KB
9 KB 545ms
290ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129904/237/142/50/40/u-s-vetoes-un-resolution-on-gaza-ceasefire.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3e72d7afabac1453d62986ca12915c3c3bce0369dc918ce57814042515e46d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:38 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065438Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpk
x-frame-options: SAMEORIGIN

GET
H2 200 file-photo-representative-matt-gaetz-r-fl-speaks-during-a-hearing-in-the-rayburn-house-office-building-on-capitol-hill-in-washington-u-s-july-29-2020.jpg
datacdn.btimesonline.com/data/thumbs/full/121324/237/142/50/40/ 10 KB
10 KB 614ms
572ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/121324/237/142/50/40/file-photo-representative-matt-gaetz-r-fl-speaks-during-a-hearing-in-the-rayburn-house-office-building-on-capitol-hill-in-washington-u-s-july-29-2020.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

86751bd24ab09f1eea1d360463a73021fa37719d2918fb96480f37fc6e84cb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpw
x-frame-options: SAMEORIGIN

GET
H2 200 donald-trump.jpg
datacdn.btimesonline.com/data/thumbs/full/119634/237/142/50/40/ 12 KB
12 KB 109ms
66ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/119634/237/142/50/40/donald-trump.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0aa24a01b9433cc569a55203b2ddbc4d7c25166a1ce1b76ee83b87a49c7e315f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:51 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpx
x-frame-options: SAMEORIGIN

GET
H2 200 edgar-bronfman-jr-raises-5-5b-in-high-stakes-bid-to-acquire-paramount.jpg
datacdn.btimesonline.com/data/thumbs/full/129391/130/75/50/40/ 5 KB
6 KB 315ms
273ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129391/130/75/50/40/edgar-bronfman-jr-raises-5-5b-in-high-stakes-bid-to-acquire-paramount.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72416b4586eaaba37f1914180fb89e6e6696762ff8221fc5c460d6c0accbd2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 5429
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arpy
x-frame-options: SAMEORIGIN

GET
H2 200 eu-china-agree-to-hold-summit-michel-says-after-xi-call.jpg
datacdn.btimesonline.com/data/thumbs/full/124538/130/75/50/40/ 5 KB
6 KB 103ms
68ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124538/130/75/50/40/eu-china-agree-to-hold-summit-michel-says-after-xi-call.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

50413da2813556d9b988747639dff3a0174d15eab37ba2a680153412b7129eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:52 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 5500
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq4
x-frame-options: SAMEORIGIN

GET
H2 200 whistleblower-fired-after-exposing-alleged-transgender-medicaid-fraud-at-texas-childrens-hospital.jpg
datacdn.btimesonline.com/data/thumbs/full/129386/130/75/50/40/ 6 KB
6 KB 309ms
274ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129386/130/75/50/40/whistleblower-fired-after-exposing-alleged-transgender-medicaid-fraud-at-texas-childrens-hospital.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b28a6339fd05794b5f04baa18295ac71dc6cc99304adf62327793564ac82366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 6122
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq5
x-frame-options: SAMEORIGIN

GET
H2 200 lvs-shanghai-chocolate-store.png
datacdn.btimesonline.com/data/thumbs/full/129384/130/75/50/40/ 14 KB
14 KB 144ms
109ms Image
text/plain 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129384/130/75/50/40/lvs-shanghai-chocolate-store.png

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

81a5de2317089c54e96d5b2c5a8107f774ec981e822b7eb9aaf0b1448a991418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:56 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: png
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq6
x-frame-options: SAMEORIGIN

GET
H2 200 ex-president-trump-heads-to-nyc-for-court-appearance-amid-heightened-security-measures.jpg
datacdn.btimesonline.com/data/thumbs/full/127262/370/222/50/40/ 22 KB
23 KB 2378ms
2345ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/127262/370/222/50/40/ex-president-trump-heads-to-nyc-for-court-appearance-amid-heightened-security-measures.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

77286fe495961a84896891eaa6d0a0362adcfb3766caf55e1448ad55d66e277d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:41 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq7
x-frame-options: SAMEORIGIN

GET terrified-king-charles-already-sees-prince-harry-as-emotionally-unstable-and-volatile-prior-to-royal-rift.jpg
datacdn.btimesonline.com/data/thumbs/full/129329/370/222/50/40/ 0
0

GET
H2 200 indian-politician-baba-siddique-shot-dead-in-mumbai-amid-election-tensions-and-criminal-links.jpg
datacdn.btimesonline.com/data/thumbs/full/129701/370/222/50/40/ 32 KB
32 KB 142ms
110ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129701/370/222/50/40/indian-politician-baba-siddique-shot-dead-in-mumbai-amid-election-tensions-and-criminal-links.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e37e2bf3051ee04d768a7ae7874dce7176d43294e4935fe4dee6c24bd8bcf32c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:52 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arq9
x-frame-options: SAMEORIGIN

GET
H2 200 u-s-to-deploy-thaad-missile-system-and-troops-to-israel-amid-rising-tensions-with-iran.jpg
datacdn.btimesonline.com/data/thumbs/full/129700/370/222/50/40/ 28 KB
28 KB 195ms
163ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129700/370/222/50/40/u-s-to-deploy-thaad-missile-system-and-troops-to-israel-amid-rising-tensions-with-iran.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

af31eeaf585dcb946cb1a78eb02626c1c7e1b603568031ec880e29c81cdd4d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:56 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqa
x-frame-options: SAMEORIGIN

GET
H2 200 crisis.jpg
datacdn.btimesonline.com/data/thumbs/full/119343/370/222/50/40/ 26 KB
27 KB 641ms
610ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/119343/370/222/50/40/crisis.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5a628bc985210918a628179365e51cc9c281c7e756169306931834fef74d760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqb
x-frame-options: SAMEORIGIN

GET donald-trump.png
datacdn.btimesonline.com/data/thumbs/full/129070/370/222/50/40/ 0
0

GET
H2 200 nobel-prize-in-economics-awarded-to-economists-for-groundbreaking-research-on-global-wealth-disparity.jpg
datacdn.btimesonline.com/data/thumbs/full/129704/370/222/50/40/ 27 KB
27 KB 157ms
126ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129704/370/222/50/40/nobel-prize-in-economics-awarded-to-economists-for-groundbreaking-research-on-global-wealth-disparity.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

330af96a4be10f64e6554c25c437ca8bfa379552887565535144eba67d28303a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqd
x-frame-options: SAMEORIGIN

GET
H2 200 drinks-section.jpg
datacdn.btimesonline.com/data/thumbs/full/89459/370/222/50/40/ 56 KB
56 KB 3409ms
3379ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/89459/370/222/50/40/drinks-section.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db691e7b19d5fe304c6b01c4cc4a11e17082e81dbb3a0dca34cce24ed2443b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:42 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqe
x-frame-options: SAMEORIGIN

GET
H2 200 jobless-claim.jpg
datacdn.btimesonline.com/data/thumbs/full/117633/370/222/50/40/ 40 KB
40 KB 156ms
126ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/117633/370/222/50/40/jobless-claim.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3a6fd34d8c6fd988158f99379bde3b5f0a20ebc3fa8c04e78eddb9574d49726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:59 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqf
x-frame-options: SAMEORIGIN

GET
H2 200 solid-exports.jpg
datacdn.btimesonline.com/data/thumbs/full/116999/370/222/50/40/ 37 KB
37 KB 3318ms
3288ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/116999/370/222/50/40/solid-exports.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8a5ab37c434762e02d67b453d56d4bca7d4472f90957afad78f764042a9c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:42 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqg
x-frame-options: SAMEORIGIN

GET
H2 200 deteriorating-ties.jpg
datacdn.btimesonline.com/data/thumbs/full/124365/370/222/50/40/ 17 KB
18 KB 141ms
112ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124365/370/222/50/40/deteriorating-ties.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3457614398b40b4c94d0de11b4bb00ad65942eb56746a5cf35d995d6e394cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqh
x-frame-options: SAMEORIGIN

GET
H2 200 china-and-vietnam-boost-economic-cooperation-with-agreements-on-trade-payments-and-rail-links.jpg
datacdn.btimesonline.com/data/thumbs/full/129702/370/222/50/40/ 17 KB
17 KB 177ms
148ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129702/370/222/50/40/china-and-vietnam-boost-economic-cooperation-with-agreements-on-trade-payments-and-rail-links.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e73ac1aab0225fdd479b4cdfc0c2542306b9204a640347b0b27ad38a6326da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqk
x-frame-options: SAMEORIGIN

GET
H2 200 hammered.jpg
datacdn.btimesonline.com/data/thumbs/full/112656/370/222/50/40/ 27 KB
27 KB 139ms
110ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/112656/370/222/50/40/hammered.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4bc8415f36e80f8baa9f1431c6cab31d52d8195dc2ab938362249d058ca493e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqm
x-frame-options: SAMEORIGIN

GET
H2 200 jamie-dimon-ceo-of-jpmorgan-chase.jpg
datacdn.btimesonline.com/data/thumbs/full/106135/370/222/50/40/ 29 KB
29 KB 108ms
79ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/106135/370/222/50/40/jamie-dimon-ceo-of-jpmorgan-chase.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba8b3932dbf9da5b3796e86987a42289bfd94dae25b7cd95f844df6ab518fcdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqn
x-frame-options: SAMEORIGIN

GET
H2 200 wells-fargo-scandal.jpg
datacdn.btimesonline.com/data/thumbs/full/106832/370/222/50/40/ 35 KB
36 KB 139ms
111ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/106832/370/222/50/40/wells-fargo-scandal.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2283e9267edd8f78bf73bdb238aff08823b6e58593bcaec0138c93fc8041af58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqp
x-frame-options: SAMEORIGIN

GET
H2 200 macbook-pro-cc-by-nd-2-0.jpg
datacdn.btimesonline.com/data/thumbs/full/94630/370/222/50/40/ 31 KB
31 KB 140ms
112ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/94630/370/222/50/40/macbook-pro-cc-by-nd-2-0.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e194a03e320afda119786a142797e1823140ab2f8558c771329dae572364301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqq
x-frame-options: SAMEORIGIN

GET
H2 200 best-picture.jpg
datacdn.btimesonline.com/data/thumbs/full/115960/370/222/50/40/ 20 KB
20 KB 121ms
94ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/115960/370/222/50/40/best-picture.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

594d1b9f9e71babbb9cd32cd0dff40b5be08c3b9333f0ae1f44476e6ff31a4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqr
x-frame-options: SAMEORIGIN

GET
H2 200 elon-musk.jpg
datacdn.btimesonline.com/data/thumbs/full/122254/370/222/50/40/ 26 KB
27 KB 140ms
113ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/122254/370/222/50/40/elon-musk.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3be7a25cd1088b2e516fcda725c417dc6acbef02b77423e4b178ddacc12c4ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqs
x-frame-options: SAMEORIGIN

GET
H2 200 file-photo-singer-justin-bieber-performs-a-medley-of-songs-at-the-2016-billboard-awards-in-las-vegas-nevada-u-s-may-22-2016-reuters-mario-anzuoni-file-photo.jpg
datacdn.btimesonline.com/data/images/full/105421/ 353 KB
354 KB 2648ms
2621ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/images/full/105421/file-photo-singer-justin-bieber-performs-a-medley-of-songs-at-the-2016-billboard-awards-in-las-vegas-nevada-u-s-may-22-2016-reuters-mario-anzuoni-file-photo.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1af4226844b0d44966810101dd4306d26114f256e179dddaf1ea210c99f695ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
etag: "58503-59c9deaa8ac95"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 361731
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/jpeg
last-modified: Tue, 21 Jan 2020 03:22:24 GMT
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqt
x-frame-options: SAMEORIGIN

GET
H2 200 leonardo-dicaprio.jpg
datacdn.btimesonline.com/data/images/full/127177/ 168 KB
169 KB 3044ms
3018ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/images/full/127177/leonardo-dicaprio.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6105da26d83e4a8f430191acd5c5d15db8540279a4a08f6075f40234df56e270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
etag: "2a14e-5f6bebbaf2aa5"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 172366
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/jpeg
last-modified: Mon, 13 Mar 2023 02:18:56 GMT
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqu
x-frame-options: SAMEORIGIN

GET
H2 200 jordan-chiles-ordered-to-return-olympic-bronze-medal-after-appeal-rejected-despite-new-evidence.jpg
datacdn.btimesonline.com/data/thumbs/full/129335/370/222/50/40/ 24 KB
25 KB 139ms
112ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129335/370/222/50/40/jordan-chiles-ordered-to-return-olympic-bronze-medal-after-appeal-rejected-despite-new-evidence.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc395d0d7d7b75e2194c1c837592ecedd6980fa6b6dee7225bab5b8979aca1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqv
x-frame-options: SAMEORIGIN

GET
H2 200 olympic-gold-medalist-imane-khelif-sues-j-k-rowling-and-elon-musk-after-facing-cyber-harassment-over-gender-allegations.jpg
datacdn.btimesonline.com/data/thumbs/full/129344/370/222/50/40/ 45 KB
45 KB 464ms
438ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129344/370/222/50/40/olympic-gold-medalist-imane-khelif-sues-j-k-rowling-and-elon-musk-after-facing-cyber-harassment-over-gender-allegations.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3f8458e0537b01f6c4832d01053e9391a6d3d247bdd2e38c4877c3252e03275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqw
x-frame-options: SAMEORIGIN

GET u-s-and-global-anti-doping-agencies-clash-over-undercover-tactics.jpg
datacdn.btimesonline.com/data/thumbs/full/129304/370/222/50/40/ 0
0

GET
H2 200 nearly-10-million-pounds-of-poultry-recalled-over-listeria-fears-schools-and-retailers-affected.jpg
datacdn.btimesonline.com/data/thumbs/full/129696/370/222/50/40/ 40 KB
41 KB 2902ms
2876ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129696/370/222/50/40/nearly-10-million-pounds-of-poultry-recalled-over-listeria-fears-schools-and-retailers-affected.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aee0d01202c426494bc76a931bd5395e1f6f55b140f9aca38616aa5645d1613f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:41 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqy
x-frame-options: SAMEORIGIN

GET
H2 200 scientists-behind-ai-breakthrough-in-protein-structure-prediction-win-nobel-prize-in-chemistry.jpg
datacdn.btimesonline.com/data/thumbs/full/129672/370/222/50/40/ 38 KB
38 KB 100ms
75ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129672/370/222/50/40/scientists-behind-ai-breakthrough-in-protein-structure-prediction-win-nobel-prize-in-chemistry.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3be6b19e3cb1f7b0a781973aedf6611bdc4b50d2ef0caaec34b61714d2a17b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arqz
x-frame-options: SAMEORIGIN

GET
H2 200 american-biologists-victor-ambros-and-gary-ruvkun-win-nobel-prize-for-discovery-of-microrna.png
datacdn.btimesonline.com/data/thumbs/full/129656/370/222/50/40/ 186 KB
186 KB 135ms
110ms Image
text/plain 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129656/370/222/50/40/american-biologists-victor-ambros-and-gary-ruvkun-win-nobel-prize-for-discovery-of-microrna.png

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

92e2e930b525ee731efb1934e31bb0febf29b4df8f2f50887b8a7a218d760f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: png
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr0
x-frame-options: SAMEORIGIN

GET
H2 200 china-to-pilot-property-tax-scheme-in-some-regions-xinhua.jpg
datacdn.btimesonline.com/data/thumbs/full/124634/370/222/50/40/ 22 KB
23 KB 135ms
111ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124634/370/222/50/40/china-to-pilot-property-tax-scheme-in-some-regions-xinhua.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16ea4d9b470482e5cf209a66fa223974fab62906f0859fbc1555fc82ac7e2d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr1
x-frame-options: SAMEORIGIN

GET
H2 200 u-s-mortgage-rates-plunge-to-6-55-sparking-surge-in-refinancing-applications.png
datacdn.btimesonline.com/data/thumbs/full/129289/370/222/50/40/ 124 KB
124 KB 1446ms
1423ms Image
text/plain 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129289/370/222/50/40/u-s-mortgage-rates-plunge-to-6-55-sparking-surge-in-refinancing-applications.png

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

618ecda038710d0c086d23ba55f4e348e90824f0df05482980f4922a6831651a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: png
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr2
x-frame-options: SAMEORIGIN

GET
H2 200 home-sales.jpg
datacdn.btimesonline.com/data/thumbs/full/101444/370/222/50/40/ 42 KB
42 KB 131ms
109ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/101444/370/222/50/40/home-sales.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e9a1e173c5d22953b14b81ab7c2ea27688c2dd35090b29654db2b2d4d5134645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr3
x-frame-options: SAMEORIGIN

GET
H2 200 elon-musks-30k-cybercab-and-robovan-unveiled-experts-doubt-teslas-bold-autonomy-claims.png
datacdn.btimesonline.com/data/thumbs/full/129691/370/222/50/40/ 104 KB
104 KB 105ms
83ms Image
text/plain 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129691/370/222/50/40/elon-musks-30k-cybercab-and-robovan-unveiled-experts-doubt-teslas-bold-autonomy-claims.png

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

953346c7651b5a2c180049708aad09ec457716bf62e0f64256365a36f9348fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: png
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr4
x-frame-options: SAMEORIGIN

GET
H2 200 chinese-electric-vehicle-maker-nio-incs-product-launch-event-in-chengdu.jpg
datacdn.btimesonline.com/data/thumbs/full/119067/370/222/50/40/ 23 KB
24 KB 135ms
113ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/119067/370/222/50/40/chinese-electric-vehicle-maker-nio-incs-product-launch-event-in-chengdu.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d08a73bfa46d6d9f303d0deef9923ba20785ee644722f49d2bdf296b30f24b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr5
x-frame-options: SAMEORIGIN

GET
H2 200 tesla.jpg
datacdn.btimesonline.com/data/thumbs/full/124982/370/222/50/40/ 42 KB
42 KB 2642ms
2621ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124982/370/222/50/40/tesla.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

597a805493b978f26f68bc716e50fdb0ad6ade4cc7e2e486fb05658107cdd23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:41 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr6
x-frame-options: SAMEORIGIN

GET
H2 200 u-s-deploys-task-force-ayungin-to-support-philippine-maritime-operations-amid-south-china-sea-disputes.jpg
datacdn.btimesonline.com/data/thumbs/full/129916/340/229/50/40/ 19 KB
19 KB 375ms
354ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129916/340/229/50/40/u-s-deploys-task-force-ayungin-to-support-philippine-maritime-operations-amid-south-china-sea-disputes.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

791c3d1384e7390a8a560168651e4bf79d4ee906ab2a7951da9b8c3eb2c3d050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr7
x-frame-options: SAMEORIGIN

GET
H2 200 volodymyr-zelenskyy.jpg
datacdn.btimesonline.com/data/thumbs/full/126654/340/229/50/40/ 21 KB
22 KB 4317ms
4296ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/126654/340/229/50/40/volodymyr-zelenskyy.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14bc0af75865d9421446cb13184b9e124710c8c67ac0c1187cc18f1b08441a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:43 GMT
access-control-allow-origin: *
x-cache: TCP_MISS
date: Mon, 25 Nov 2024 06:54:43 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr8
x-frame-options: SAMEORIGIN

GET
H2 200 putin-vows-support-to-north-korea-against-u-s-sanctions-in-historic-visit.jpg
datacdn.btimesonline.com/data/thumbs/full/129021/119/80/50/40/ 5 KB
5 KB 303ms
283ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129021/119/80/50/40/putin-vows-support-to-north-korea-against-u-s-sanctions-in-historic-visit.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3c6972644eaf712e1478a85836b3730ab7500df9f695fd31acd1d26718b624a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 5000
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arr9
x-frame-options: SAMEORIGIN

GET iran-activates-advanced-centrifuges-after-iaea-censure-threatens-npt-exit.jpg
datacdn.btimesonline.com/data/thumbs/full/129914/119/80/50/40/ 0
0

GET
H2 200 suspicious-package-at-u-s-embassy-in-london-declared-hoax-after-controlled-explosion.jpg
datacdn.btimesonline.com/data/thumbs/full/129915/119/80/50/40/ 5 KB
5 KB 3212ms
3192ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/129915/119/80/50/40/suspicious-package-at-u-s-embassy-in-london-declared-hoax-after-controlled-explosion.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3ba91fdeaf4fe0c9cbd9bbc3c67008a63e811a6f475996e8d60d8e801c276f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 5131
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arrb
x-frame-options: SAMEORIGIN

GET
H2 200 no-show.jpg
datacdn.btimesonline.com/data/thumbs/full/119234/119/80/50/40/ 4 KB
4 KB 3205ms
3186ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/119234/119/80/50/40/no-show.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef865186ee223fb4cac8311f1028985ecc8c519836731e605048daa4cadde850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 3924
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arrc
x-frame-options: SAMEORIGIN

GET
H2 200 fast-diagnosis.jpg
datacdn.btimesonline.com/data/thumbs/full/125207/123/74/50/40/ 5 KB
5 KB 98ms
80ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/125207/123/74/50/40/fast-diagnosis.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd174a6e8ff96849b1cfde7775f547a90e23450980ffcef02650cf9d42872c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 4611
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arrd
x-frame-options: SAMEORIGIN

GET
H2 200 india.jpg
datacdn.btimesonline.com/data/thumbs/full/124761/123/74/50/40/ 5 KB
5 KB 131ms
113ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/124761/123/74/50/40/india.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1f4ef7827fde3f068ae7647827a144bc3099f32bc0474dc576fbfbfc0fa5304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 5185
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arre
x-frame-options: SAMEORIGIN

GET
H2 200 cdc.jpg
datacdn.btimesonline.com/data/thumbs/full/117637/123/74/50/40/ 6 KB
6 KB 93ms
75ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/117637/123/74/50/40/cdc.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

32ff625a498b91fca847f692e883069e75034c59847d4daa22050cc5d9976dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 6323
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arrf
x-frame-options: SAMEORIGIN

GET
H2 200 file-photo-a-woman-holds-a-small-bottle-labeled-with-a-coronavirus-covid-19-vaccine-sticker-and-a-medical-syringe.jpg
datacdn.btimesonline.com/data/thumbs/full/121437/123/74/50/40/ 5 KB
5 KB 98ms
80ms Image
image/jpeg 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacdn.btimesonline.com/data/thumbs/full/121437/123/74/50/40/file-photo-a-woman-holds-a-small-bottle-labeled-with-a-coronavirus-covid-19-vaccine-sticker-and-a-medical-syringe.jpg

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

25a0fbe6722f46cbac080ea242360d25828b9cdc634105af1e1b0a5b49c67c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L2_T2
cache-control: max-age=31536000
pragma: cache
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 02:46:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_REMOTE_HIT
content-length: 5146
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/jpeg
x-azure-ref: 20241125T065439Z-r1d48674995zxr5mhC1YMQcnxg000000055g00000000arrg
x-frame-options: SAMEORIGIN

GET
H2 200 jquery-3.4.0.min.js Show response
cdn.btimesonline.com/static/common/_v2.0.1/js/ 86 KB
30 KB 71ms
29ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/js/jquery-3.4.0.min.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L1_T2
content-encoding: gzip
etag: "15857-5a18fde160980-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30668
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b4

GET
H2 200 jquery.sticky-kit.min.js Show response
cdn.btimesonline.com/static/common/_v2.0.1/js/ 3 KB
2 KB 80ms
63ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/js/jquery.sticky-kit.min.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L1_T2
content-encoding: gzip
etag: "aee-5a18fde160980-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1295
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b9

GET
H2 200 scripts.js Show response
cdn.btimesonline.com/static/common/_v2.0.1/js/ 8 KB
2 KB 75ms
33ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/js/scripts.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

133ecdae6e58daf3ad8c6f3126caec528fb1cde6478346c37b0d8373485d11e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-cache-info: L1_T2
content-encoding: gzip
etag: "200e-5a18ffae4ffb2-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 01:50:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=864000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2103
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b5

GET
H2 200 popup.js Show response
cdn.btimesonline.com/static/common/_v2.0.1/js/ 2 KB
1 KB 71ms
29ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/js/popup.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd07e88139a8399bdf2e98f108b6d62134223974ef1fd72050e0c2028fe3e00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
content-encoding: gzip
etag: "7fd-5b3372538d1c1-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 886
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 17:25:12 GMT
vary: Accept-Encoding
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b6
x-frame-options: SAMEORIGIN

GET
H2 200 lazyload.min.js Show response
cdn.btimesonline.com/static/common/_v2.0.0/js/ 2 KB
1 KB 90ms
50ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.0/js/lazyload.min.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
content-encoding: gzip
etag: "8a2-59b3dfc12d6cb-gzip"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 937
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Fri, 03 Jan 2020 15:30:07 GMT
vary: Accept-Encoding
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097b8
x-frame-options: SAMEORIGIN

GET
H3 200 js Show response
static.getclicky.com/ 15 KB
6 KB 194ms
64ms Script
text/javascript 2606:4700::6810:e1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:e1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d1df41dafdc363341e9ec774163c4aa95f0808140fcbc1f8c42574c6ac84436

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 372990
cf-ray: 8e7fba86a88643a9-EWR
x-proxy-cache: MISS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Wed, 20 Nov 2024 23:18:09 GMT
priority: u=2,i=?0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 201ms
68ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c582a4eeb59692c7bc63ca6d0bf107bcef0bfb474d04411d18df29f5aeee1cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 16541518939359696811
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53636
x-xss-protection: 0
server: cafe

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 241ms
50ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aaaf8171a701189f4fd0e480156dec1d2c5856cf81f3d24756faf431f061a1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"110d-62766e98f2ae0"
age: 13618
via: 1.1 google
cf-ray: 8e7fba86fee7a250-YYZ
expires: Mon, 25 Nov 2024 04:07:41 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Thu, 21 Nov 2024 07:06:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo.png
cdn.btimesonline.com/static/common/_v2.0.1/images/ 17 KB
18 KB 77ms
63ms Image
image/png 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/images/logo.png

Requested by

Host: cdn.btimesonline.com
URL: https://cdn.btimesonline.com/static/common/_v2.0.1/css/common-v3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8429ce86bafc3a22ba5436b930e276c4f6a0ab691ee3444648980c4c2274ab10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.btimesonline.com/static/common/_v2.0.1/css/common-v3.css

Response headers

x-cache-info: L1_T2
cache-control: public, max-age=864000
etag: "449a-5a18fde160980"
x-fd-int-roxy-purgeid: 4027326
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 17562
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
x-azure-ref: 20241125T065439Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097ba
x-frame-options: SAMEORIGIN

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 173ms
52ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.btimesonline.com
Referer: https://fonts.googleapis.com/

Response headers

age: 247659
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 10:07:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 10:07:00 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 181ms
60ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.btimesonline.com
Referer: https://fonts.googleapis.com/

Response headers

age: 281447
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 00:43:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:43:52 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 177ms
57ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.btimesonline.com
Referer: https://fonts.googleapis.com/

Response headers

age: 242959
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 11:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 11:25:20 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 107 KB
33 KB 236ms
61ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61415cfd0290ede87a2fa8bd8dad8b4f4ef04f05c3ad590fcd1f11a297df774e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 404 / 20052 / m202411180101 / config-hash: 79477889192541496
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33386
x-xss-protection: 0
server: cafe

GET
H2 200 /
www.tradingview-widget.com/embed-widget/ticker-tape/ Frame 817D 0
0 224ms
63ms Document
text/html 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradingview-widget.com/embed-widget/ticker-tape/?locale=en

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://static.tradingview.com/static/ blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-8NNidar2PC8tQUqM9IRZNg=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=120
cdn-cache: HIT
cdn-cachedat: 11/25/2024 06:53:06
cdn-edgestorageid: 885
cdn-proxyver: 1.06
cdn-pullzone: 2118568
cdn-requestcountrycode: CA
cdn-requestid: 5fddbc188cc123d873668ca9a3cf0a8f
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-status: 200
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
content-encoding: br
content-security-policy: script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-8NNidar2PC8tQUqM9IRZNg=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'; object-src 'none'
content-type: text/html; charset=utf-8
date: Mon, 25 Nov 2024 06:54:39 GMT
expires: Mon, 25 Nov 2024 06:54:13 GMT
referrer-policy: origin-when-cross-origin
server: BunnyCDN-NY1-885
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1970.003-4.011/ 194 KB
59 KB 54ms
52ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdfa5618d1b43e123fa394f1f52a20379ff4eabca85c9db42852842ae869fff5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"30795-6272c7fe560af"
age: 4004
via: 1.1 google
cf-ray: 8e7fba877f27a250-YYZ
expires: Wed, 25 Dec 2024 05:47:55 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 09:25:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a059b8eeb772a50435eb517b600f8e3c98688cb03b741d60fd33308f65ec421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11450720416681512858
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147586
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 192ms
43ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 3756
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 05:52:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 25 Nov 2024 05:52:03 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 manage
router.infolinks.com/usync/ Frame 4866 0
0 273ms
123ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3296558&wsid=1&pdom=www.btimesonline.com&purl=https%3A%2F%2Fwww.btimesonline.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8e7fba898b5cab1e-YYZ
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 25 Nov 2024 06:54:39 GMT
p3p: CP="NON DSP NID OUR COR"
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 283 B
260 B 154ms
141ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3296558&wsid=1&pdom=www.btimesonline.com&purl=https%3A%2F%2Fwww.btimesonline.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4206b3946e97ae57792d994c29f277ec12e6cfa043f9fc46d8ab7ed1996c9a86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-store
content-encoding: br
cf-cache-status: DYNAMIC
via: 1.1 google
cf-ray: 8e7fba888fa8a250-YYZ
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript;charset=ISO-8859-1
server: cloudflare

GET
H2 200 gsd Show response
router.infolinks.com/ 323 B
512 B 85ms
73ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3296558&wsid=1&pdom=www.btimesonline.com&purl=https%3A%2F%2Fwww.btimesonline.com%2F&jsv=1970.003-4.011&_cb=17325176794160
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d12b26a6735ac2ecff94107f2b6e0ff2f451a7f6ab494251bc3991d11f23c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
via: 1.1 google
cf-ray: 8e7fba888faaa250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript;charset=UTF-8
server: cloudflare

GET
H3 200 in.php Show response
in.getclicky.com/ 131 B
374 B 152ms
133ms Script
text/javascript 2606:4700::6810:e1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101119494&href=%2F&title=Business%20Times%20-%20Business%20%26%20Financial%20News%2C%20China%20%26%20International%20Breaking%20News&res=1600x1200&lang=en-CA&tz=America%2FVancouver&tc=&ck=1&x=2mmolk
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:e1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8e7fba88fa1f43a9-EWR
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame AE55 0
0 171ms
35ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 4083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 05:46:36 GMT
etag: 17661348622971093804
expires: Mon, 09 Dec 2024 05:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame CA54 0
0 193ms
72ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6972463087035118&output=html&adk=1812271804&adf=3025194257&abgtt=10&lmt=1732517679&plaf=1%3A1&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.btimesonline.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732517679281&bpp=4&bdt=814&idt=196&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4850998781738&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088729%2C31088961%2C95335246%2C95345967&oid=2&pvsid=3907910928481&tmod=1462561367&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:54:39 GMT
expires: Mon, 25 Nov 2024 06:54:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 doq.htm Show response
rt3021.infolinks.com/action/ 3 KB
2 KB 284ms
105ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/doq.htm?pcode=utf-8&r=17325176795881
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de02d09cd2185b8303b66937156b15062f79b7d5e5b2cc6af21972ea299a8eca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8e7fba8aac6aebb9-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.btimesonline.com
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare
content-language: en-CA

GET
H2 200 iqusync-1.32.min.js Show response
resources.infolinks.com/static/usync/ 2 KB
1003 B 48ms
45ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3296558&wsid=1&pdom=www.btimesonline.com&purl=https%3A%2F%2Fwww.btimesonline.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ddba0922a45957701891711e9f25d998cb23fc853271bba573dc0bc96dc64fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"906-61fa30c22522c"
age: 8141
via: 1.1 google
cf-ray: 8e7fba898829a250-YYZ
expires: Wed, 25 Dec 2024 04:38:58 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 11:30:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 90814396 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 224ms
91ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/90814396?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8609f646da0eb30343e20f60e45a27d45f275e90399982458a854c58010dfec

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9Hl38VRChsnFabD43HnCSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQHi201XWB8DMcPXK6wcQCzEw7F-34RdbAI_Vm1czKykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmhoaKlnYBhfYAAAaTtHBw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9Hl38VRChsnFabD43HnCSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 iquid-01.js Show response
resources.infolinks.com/static/ 68 KB
14 KB 53ms
51ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/iquid-01.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"11007-613231db6db5c"
age: 13829
via: 1.1 google
cf-ray: 8e7fba8a388fa250-YYZ
expires: Wed, 25 Dec 2024 03:04:10 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Fri, 08 Mar 2024 09:50:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 208ms
45ms Script
application/javascript 104.18.28.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7171-403e"
age: 203534
cf-ray: 8e7fba8b490454a9-YYZ
expires: Thu, 28 Nov 2024 06:54:39 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 id5.js Show response
resources.infolinks.com/static/ 58 KB
17 KB 50ms
50ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/id5.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"e65f-5f7cf3aed6f0f"
age: 1342
via: 1.1 google
cf-ray: 8e7fba8a3891a250-YYZ
expires: Wed, 25 Dec 2024 06:32:17 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Sun, 26 Mar 2023 15:25:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 did-004d.min.js Show response
d-code.liadm.com/ 137 KB
47 KB 200ms
41ms Script
application/javascript 2600:9000:2141:d800:1c:2afd:fb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d-code.liadm.com/did-004d.min.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2141:d800:1c:2afd:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c016ae81681aa024b9f246d58196402fa80d99d08402ebd00fef802803ea366b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 50681
via: 1.1 cfc9f11ee8d72e5bdd45ea3851048d52.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bADU_PwjSRTGeLnj8ozjcRjC-dijGdqKquzf4cHX-DBNIxzRIzSjuw==
date: Sun, 24 Nov 2024 16:49:58 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P10

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
292 B 755ms
228ms XHR
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

f18b692d9e7a5c3928d40b78ee05061055859dece03dba97dc35aca876f95f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.btimesonline.com
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 115 B
899 B 332ms
124ms XHR
text/html 13.226.34.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=739_1732517679776&fbp=2785070349&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-99.ewr53.r.cloudfront.net
Software: /
Resource Hash: c195ea4da5963c79a0a135688ef7b16f724a80048bc4c460f7b967d5c6ece678

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
x-amz-cf-id: rl4YlwZvBnpiCSvJzUSzznoSqTPU_AwmoAHpffmOIrLZ7kL3kJblbw==
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html
vary: Origin
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
patent: https://www.almondnet.com/ip
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.btimesonline.com
x-amz-cf-pop: EWR53-C2

GET
H2

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrn...
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrn...

43 B
1 KB

103ms
101ms

Image
image/gif

2600:9000:2840:1800:1b:6b7d:2300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrnd=181_1732517679777&fbp=2785070349&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=npBofoQFvH&nc=false&trid=-1329716359
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Server: 2600:9000:2840:1800:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront)
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/gif
x-amz-cf-pop: JFK52-P7
x-amz-cf-id: KnsK1HCw0sG59FAzEeHKSapw64XhqFFLvlNzyS42oXT62AO25hVxUg==

Redirect headers

patent: https://www.almondnet.com/ip
cache-control: no-cache, no-store, must-revalidate
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=852122&iiqidtype=2&iiqpcid=dd19615b-2bff-45f6-b47c-8d08a7a658b3&iiqpciddate=1732517679776&tsrnd=181_1732517679777&fbp=2785070349&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=npBofoQFvH&nc=false&trid=-1329716359
pragma: no-cache
via: 1.1 df8f6af36021a14492ac417e389afd16.cloudfront.net (CloudFront)
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: image/gif
x-amz-cf-pop: JFK52-P7
x-amz-cf-id: 077zZ_Ef0l9HEmbafuGFEKeEGefUw_rrOzi7nvZtLT2vMWVSIun7ug==

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1970.003-4.011/ 235 KB
37 KB 52ms
50ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1970.003-4.011/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b251749e04ba1d0a4dcd53781ebf83415823829c9f36ee5102372f98ab40d8a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"3aaea-6272c7fe560af"
age: 12991
via: 1.1 google
cf-ray: 8e7fba8b5915a250-YYZ
expires: Wed, 25 Dec 2024 03:18:08 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 09:25:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1970.003-4.011/ 156 KB
30 KB 49ms
47ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1970.003-4.011/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbba9fc7ade6d9d4d782f4d656f7e412a71382f37683a9f0bda868312d00c3e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"26fe5-6272c7fe55cc7"
age: 3973
via: 1.1 google
cf-ray: 8e7fba8b5916a250-YYZ
expires: Wed, 25 Dec 2024 05:48:26 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 09:25:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 217ms
78ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148132
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/4.011/ 262 KB
87 KB 52ms
51ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/4.011/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a065dea64a7ef50e7dee1156eb94bacf09e0b5e7f6fb37c51b8c3e96a7301759

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"41632-625b18324cbff"
age: 12964
via: 1.1 google
cf-ray: 8e7fba8b5917a250-YYZ
expires: Wed, 25 Dec 2024 03:18:35 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 13:16:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 container-4.0.html
resources.infolinks.com/static/ Frame F8FE 0
0 44ms
43ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-4.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 10941
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 8e7fba8b6c14ab1e-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Nov 2024 06:54:39 GMT
etag: W/"a9c-60cca5a8a7732"
expires: Wed, 25 Dec 2024 03:52:18 GMT
last-modified: Mon, 18 Dec 2023 15:25:02 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0&b=1&tp=HE1%2FF5XE0WT0F1H7dmbiSLPJAfw%2Fy%2FA%2F9N0AfxZLlH4%3D

42 B
139 B

57ms
56ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0&b=1&tp=HE1%2FF5XE0WT0F1H7dmbiSLPJAfw%2Fy%2FA%2F9N0AfxZLlH4%3D
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.btimesonline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/json
vary: origin

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.14.0&b=1&tp=HE1%2FF5XE0WT0F1H7dmbiSLPJAfw%2Fy%2FA%2F9N0AfxZLlH4%3D
access-control-allow-credentials: true
referrer-policy: unsafe-url
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.btimesonline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
vary: origin

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1970.003-4.011/ 199 KB
29 KB 49ms
47ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1970.003-4.011/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a1bf68209a8821076b92800d377e2f176962471038db202b55a1e5869fd3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"31baf-6272c7fe554f7"
age: 3257
via: 1.1 google
cf-ray: 8e7fba8bb94ca250-YYZ
expires: Wed, 25 Dec 2024 06:00:22 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 09:25:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 in_frame.js Show response
resources.infolinks.com/js/1970.003-4.011/ 37 KB
12 KB 66ms
65ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1970.003-4.011/in_frame.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa5885f1d8816f4f31ec2abdb1139bb97dfcb83687a6af734e1499352d12cd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-cache-status: HIT
etag: W/"95b9-6272c7fe554f7"
age: 1063
via: 1.1 google
cf-ray: 8e7fba8bd959a250-YYZ
expires: Wed, 25 Dec 2024 06:36:56 GMT
date: Mon, 25 Nov 2024 06:54:39 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 09:25:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 getads.htm Show response
rt3021.infolinks.com/action/ 13 KB
4 KB 429ms
429ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22apple%22%2C%22scs%22%3A%22SSJaLu9G_D%22%7D%5D&rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&sr=1600X1200&rts=1732517679952&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=131.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.btimesonline.com%2F&tzo=-0800&c=c&strg=true&pitc=84~CMFwRI4oMKFzI-ywQJkOBwU0PlrjgL3G&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=1E07vRV47SlBuuIav52vKacUHBiRBQy-qmxoMRxuIls1YCLGIcRhUaD1hWb0AY6HnEpplxxcKRG2IeBnkqd8ZDxnd7DobXYNlQZO23vg05JjIEVI5wssu3t6HFyUL--Bj0VhwrqiC4CpDU1Dl1xC6LQk32M76bQm&rsk=55&rcs=HHlBetKNe5_btfRsAkXk2Q&cuid=793acad7-aea6-4421-991b-d40ca6c2cb15&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddcda92e5d4aad31f570eac6729253a7bff47dd69a09896b8468d93341e4a55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8bd95aa250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare
content-language: en-CA

GET
H2 200 AGSKWxW1pT-DNgE9BlJWHI1I5zC7GnOjjWDizx3KMmY1UrnT3Swt9ITOyax_iO0C8U_xeac_bE-3AVX2VjXcBOljawMXDtOKRhcM-jBfVACB69OkUwWmCACRwfuDS5hPHLqTg8cmTa58Ow== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 68ms
67ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1pT-DNgE9BlJWHI1I5zC7GnOjjWDizx3KMmY1UrnT3Swt9ITOyax_iO0C8U_xeac_bE-3AVX2VjXcBOljawMXDtOKRhcM-jBfVACB69OkUwWmCACRwfuDS5hPHLqTg8cmTa58Ow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTE3Njc5LDk4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYnRpbWVzb25saW5lLmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c45b8299310eeae315c57e77386c4a2ded3c1d50d6c8ecc6ac8a533bd94ea221

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5mEfUC2kk9dpYB9Kp8eCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTNsWHfhF1sAj_-H-VT0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAAwmQc0"
content-security-policy: script-src 'report-sample' 'nonce-H5mEfUC2kk9dpYB9Kp8eCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 84D7 0
0 178ms
37ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:30:18 GMT
expires: Mon, 25 Nov 2024 07:20:18 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 KB
45 KB 172ms
171ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3907910928481&correlator=1324270769840208&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&gdpr=0&iu_parts=21742153867%2Cbt.en%2Cmain&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C300x600%7C300x250%7C336x280%2C300x250%7C300x600%7C300x1050%7C336x280%2C728x90%2C728x90%2C728x90%2C728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1732517680011&lmt=1732517680&adxs=1015%2C1015%2C1015%2C215%2C215%2C215%2C215&adys=1498%2C2207%2C2890%2C1142%2C4041%2C2442%2C5245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C0%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btimesonline.com%2F&vis=1&psz=370x38%7C370x38%7C370x38%7C770x0%7C770x0%7C770x0%7C770x0&msz=370x0%7C370x0%7C370x0%7C770x0%7C770x0%7C770x0%7C770x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&td=1&egid=35336&tan=9cd08a73-75ea-4db1-9f6f-b9e37adf2abc%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2abd%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2abe%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2abf%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2ac0%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2ac1%2C9cd08a73-75ea-4db1-9f6f-b9e37adf2ac2&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732517678467&idt=1176&prev_scp=poz2%3Dright_top%7Cpoz2%3Dright_middle1%7Cpoz2%3Dright_middle2%7Cpoz2%3Dcenter_top%7Cpoz2%3Dcenter_middle2%7Cpoz2%3Dcenter_middle1%7Cpoz2%3Dcenter_middle3&cust_params=cats%3D%26keys%3D%26vsb%3Dvisible%26ar%3D0&adks=1541589494%2C315037922%2C2472473908%2C1336461009%2C1262976608%2C1183387258%2C1848515311&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8d147b199a8beafa8b04ca62c324c95dea1669ce15882b3de183682a1a8c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
google-lineitem-id: 5325920116,5326277732,6079493508,5453077633,5453284493,-2,5453082400
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138306492583,138306109215,138400263786,138333582277,138333151160,-2,138333575347
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.btimesonline.com
content-length: 45858
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0751 0
0 257ms
70ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:54:40 GMT
expires: Mon, 25 Nov 2024 06:54:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dcl.htm Show response
rt3021.infolinks.com/action/ 0
40 B 153ms
148ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/dcl.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8d1a09a250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 dcl.htm Show response
rt3021.infolinks.com/action/ 0
145 B 75ms
72ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/dcl.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8d2a0da250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 getads.htm Show response
rt3021.infolinks.com/action/ 0
47 B 150ms
147ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/getads.htm?hks=%5B%5D&rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&sr=1600X1200&rts=1732517680165&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=131.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.btimesonline.com%2F&tzo=-0800&c=c&strg=true&pitc=84~CMFwRI4oMKFzI-ywQJkOBwU0PlrjgL3G&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=1E07vRV47SlBuuIav52vKacUHBiRBQy-qmxoMRxuIls1YCLGIcRhUaD1hWb0AY6HnEpplxxcKRG2IeBnkqd8ZDxnd7DobXYNlQZO23vg05JjIEVI5wssu3t6HFyUL--Bj0VhwrqiC4CpDU1Dl1xC6LQk32M76bQm&rsk=55&rcs=HHlBetKNe5_btfRsAkXk2Q&cuid=793acad7-aea6-4421-991b-d40ca6c2cb15&li_in_us_res=null&hbnr=true
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8d2a0ea250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/plain
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 dcl.htm Show response
rt3021.infolinks.com/action/ 0
40 B 149ms
147ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/dcl.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8d2a0fa250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 getads.htm Show response
rt3021.infolinks.com/action/ 13 KB
6 KB 441ms
439ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IF_RIGHT%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22f%22%2C%22garc%22%3A0%2C%22as%22%3A%22160*600%22%2C%22nom%22%3A1%2C%22sdata%22%3A%22king%22%2C%22scs%22%3A%227_Y-TdhdpV%22%7D%5D&rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&jsv=1970.003-4.011&sr=1600X1200&rts=1732517680168&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=131.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwww.btimesonline.com%2F&tzo=-0800&c=c&strg=true&pitc=84~CMFwRI4oMKFzI-ywQJkOBwU0PlrjgL3G&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=1E07vRV47SlBuuIav52vKacUHBiRBQy-qmxoMRxuIls1YCLGIcRhUaD1hWb0AY6HnEpplxxcKRG2IeBnkqd8ZDxnd7DobXYNlQZO23vg05JjIEVI5wssu3t6HFyUL--Bj0VhwrqiC4CpDU1Dl1xC6LQk32M76bQm&rsk=55&rcs=HHlBetKNe5_btfRsAkXk2Q&cuid=793acad7-aea6-4421-991b-d40ca6c2cb15&li_in_us_res=null&hbnr=true
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e51adc221d952b9c4cbe505ef8746af1807be1538fcb7e69696eff522c7d39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba8d2a10a250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare
content-language: en-CA

GET
H2 200 any Show response
idx.liadm.com/idex/did-004d/ 126 B
545 B 339ms
71ms XHR
text/plain 3.221.57.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-004d/any?duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&did=did-004d&cd=.btimesonline.com&pu=https%3A%2F%2Fwww.btimesonline.com%2F&pv=433a0b7f-382f-4e9b-bf1b-b4a321836a95&resolve=nonId&resolve=uid2&resolve=index&resolve=openx&resolve=pubmatic&resolve=magnite&resolve=bidswitch&resolve=medianet&resolve=sovrn&resolve=connatix&resolve=thetradedesk

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004d.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.57.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-57-175.compute-1.amazonaws.com

Software

Resource Hash

756fe023306e11da3ae176e5fef4d20f40438a4b48dc8ae6fa7173c458b0d32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86399, private
trace-id: f405de8cf41efafc
request-time: 3
access-control-allow-credentials: true
expires: Tue, 26 Nov 2024 06:54:40 GMT
access-control-allow-origin: https://www.btimesonline.com
content-length: 126
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/plain; charset=UTF-8
vary: Origin

GET
H3 200 AGSKWxVtYoNPXgWr1i6Bcix1WnKDUSysbKeH4CMChjbwO-5PtGV0GGrJjvsxSlX99fpDWHSWfiekhAqgnV2CHHKHoJUlGhx4FY-TM8CiVRLWw4XFbxX8LLcIrYX7gcEmB08VuPMCVQ6vMg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 74ms
73ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVtYoNPXgWr1i6Bcix1WnKDUSysbKeH4CMChjbwO-5PtGV0GGrJjvsxSlX99fpDWHSWfiekhAqgnV2CHHKHoJUlGhx4FY-TM8CiVRLWw4XFbxX8LLcIrYX7gcEmB08VuPMCVQ6vMg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTE3NjgwLDE5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJ0aW1lc29ubGluZS5jb20vIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1884e952b422942fde5d5d4b86d928a385f454c96cc95306db7c00b75c756df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o0vxCa8HUllaS6fEZtGqqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTNsWHfhF1sAg8ezCpR0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjE0NLTUMzCMLzAAAA6NQdU"
content-security-policy: script-src 'report-sample' 'nonce-o0vxCa8HUllaS6fEZtGqqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 257 B
105 B 145ms
143ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.btimesonline.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127a5df75234fb0e1152ef43d505b2951c82f33f71a06cf2c6abb96732fd3e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 80
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F139 0
0 70ms
69ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3-evm7zqiPk5wHdi4Qw6BjEC5_oYWRTd9nUkBmWVUytdNR0mwjJPGPkDi9OGDOzcQXcglk6PdCjPtsyJdCeI0QhZH5XKkqtnMIBXhuHQkQY4WFWwI4U2hFkdDdxirws0SaOGvonCmhzCfjuYXmFPbXz3-AtjDL64jIeovY8uqL_QjH9arughLm6VxD585Oqns2JbgX8p-yLLFfviYrRD6k3c6mrR85noQ19JGvZLeDtG6wPSLOjxsTTk_-wj6oY0jZtO4ycDNEUZCawmfyt7Otq7EpO-fc8Kcvf0yVY6SDiw-0ETEBHGsi2_40tKE3O0Zl6ausALFquZ650Im_W2cj52gf_TkAPkdfu5uLJUsDo_krV04tHR1NlPDpeSsKvkh59knHsZ8KvVxJ4ogYo2rBw&sai=AMfl-YQU6hcHBoLqbzQlXQrd-yylJfRZF5irYYGsRUubxBF9fcr-mDtN6fNrnqfG3N28zUFiMSM312r1xyW0ehYjPkLv4o5pC9kqRtnShgD-0cqqcNXFpHeZKwckU9s&sig=Cg0ArKJSzCILVumwGT38EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame F139 23 KB
9 KB 221ms
45ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame F139 3 KB
2 KB 217ms
42ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F139 217 KB
67 KB 38ms
34ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 17683306427365514567
tpc.googlesyndication.com/simgad/ Frame F139 43 KB
43 KB 280ms
109ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17683306427365514567

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b356d52b386d479a2c429e80bdefb8997ec43275fc6532f26d1e90a124168830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Thu, 12 Mar 2020 20:11:29 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 44066
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame F139 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82AD 0
0 75ms
74ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj5UEJi0a5DIY2SDiztfSC5_jlJla6KFETykIJkjF6UxSbBPNPfvyTRTUZB57iqMGNNSiEI8vWMAEi26O1_FevgYwuZbJEZN8ms4Yh90-lc1AGcKDJIhNgquwx1U_upozBVgVhbppw6El0eJ0r-Sb6kMqUbzaw3OKpeiEQr0OL9Sxr1AyDRBlTBV44d2_Vdm1EaPbnxVMysHZDJHBV9JF1tqX5UKMG5pJ_isDqQiohQkP1BZuQCrvjsJf5Bu2aFB3pKdn26GUL2bAsC93vshtvZV5r3HX0bZsXxlddeO0q95zWwkRtF90xLkSIks-NSG08Ve3Xy_V2f1eomQ3dFoClZYDDKHL8CFAQIR-yRQ5QJ9piHo7XKHEH-f28P6XxYKqt16wvLO_Rzyv5R-dBvA&sai=AMfl-YTo8Dh40LcV3MdjCBXkNRd9hxDwN4OOzoB5wibDQEkKugKUdPjb_o5P90QGV6iNdJahibiqOGEqvvmebWWu4gebyx9KihDfoKD9qT66ZedodGyOjhyRjAHgPo8&sig=Cg0ArKJSzGf02q0JYyDYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame 82AD 23 KB
0 207ms
207ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 82AD 3 KB
0 202ms
202ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 82AD 217 KB
0 24ms
24ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 9982817145814227305
tpc.googlesyndication.com/simgad/ Frame 82AD 69 KB
69 KB 275ms
117ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9982817145814227305

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da9f1425aef53002506431cf0313f39a55dbdf30629db0b8fdfdfe85c08b0fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Thu, 12 Mar 2020 20:12:52 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 70959
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame 82AD 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8E1 0
0 70ms
69ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIQTL8NQPkZlyXZu6nXJpKKRA50UQDMyXGnG1quPa9eeM87SyEzZ0p9zWgypYbDqpqf9pyxvgkqvHjm1iQ6k6305pezGX4PPIetggWc1khPu1eIcSGhI6foehsA5pAQ_yOzRFKobhpx_k6-3xLnb9P9-ZqDb6FNVpZ7xa0cTdizlVVylT-rl3agEcXXbBsUBETCXzoLj8XAnx0Aj0xuvujlABrfHpyuU-C-9jMZCSsFXs7BdH58-jttGjKkKG74JaroJ-5w9--U8hhOX0CmAfixhiVC567OP2370l5tp0TV0xmLM19EKsVFFzSq_5iyIvYzyCUwu38LrF0diT5rBA8fkuUKQLpMCDvxTcI7iTb2ljql0rja-Q4jjmZnIJ5naMAhG5CA9BcHIv_OcQ&sai=AMfl-YR9R5oH4z5WU6HSTbEbuNWN5rRm4A0hauvoyNsOfu_qcpZ3Zc4lZFi0cJOGWCsmlyZKaDxz-NpsbTH5r1mWnIV7Pl_9J4kRLhLluHmLUiJb4zPt4v5WFJI0d5A&sig=Cg0ArKJSzI1TXw3e3rEyEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame D8E1 23 KB
0 50ms
50ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame D8E1 3 KB
0 41ms
41ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D8E1 217 KB
0 14ms
13ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 15563886799402096394
tpc.googlesyndication.com/simgad/ Frame D8E1 79 KB
79 KB 236ms
145ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15563886799402096394

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49beb3cf1a0e841ef59c2a948018cb7b50435fa0910d7c98f46a74b853ca8562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Sat, 05 Dec 2020 02:02:03 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 80575
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame D8E1 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C708 0
0 68ms
68ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulLMARXnC0dcQ9JdkLgszdfEslQ5QDcGnsK_QF1qr3U8em5iB9Previ3xUd5EggjBpK8ZGRbf2L6hqKoHuk1KZJ9f9HuTudfgWbT-nVdTpU_zdogO2XWaie3IouXZtdbbp0tNi8zQzg3RCteiuOsLyBNz_1e551m9fqrzF7Tljx9hQVBO1MgRbmBREi14zFaxe1QkBy3R1x45VAZNmAf04ejBMUNUbCS2Q8MLHJczPMfCuHodVIgSl-HRZFTZSJPQUqOi0KNPdAuhbrZZ1G9_1Rv-_F8zfAx4ddqADbtFSw7tP-2BQn5ma4qDJ5JRvAlbegUuX8CfbQFT-x__i0eDMXSoJS86yi7g6slnvWEtVMz_EP6ACz1bKVAFFisXlOUuy8MUExuTjY6A&sai=AMfl-YSL-yqjm0I9YNc8BOLuIQaJ5VvfIed__ECji0CNWaa1lUiBXRVp4vsythpVTCaejMZFE3-YaWCnB5uwlOhDfRfPHTvK1ITw5l96GIMoqEl5z3d5hJy9k9B9MKc&sig=Cg0ArKJSzETRBZrxVP8WEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame C708 23 KB
0 52ms
52ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame C708 3 KB
0 44ms
44ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C708 217 KB
0 6ms
6ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 9045868915003687821
tpc.googlesyndication.com/simgad/ Frame C708 124 KB
124 KB 162ms
70ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9045868915003687821

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

824250a997f305f02452f189ef9ff91a066fecc2551c0624836cfc033d4039d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Wed, 03 Aug 2022 15:25:25 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 126793
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame C708 0
0

GET
DATA 200
OK truncated
/ Frame F139 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27d53e5ecb8ce0db8c7699670da9dfdbb18661c869c250648e880c46d2dfa018

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 82AD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eba7a304007b0f76d3bddee25e0d7b3e7e6947da7d7aff77bf17995c672358f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D8E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fed0f7c8efe71167979b3dbda13df93ad82e01d3a5b2898b7e1604f14cf0a3ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C708 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05ef2582859808f502fd9305963527f1c3ad45e6905a45d567a128ffa67796a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD83 0
0 76ms
70ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoGpm0J4WL_FBbITLBU-V2n-aRGz3U-55C5ibjAi0ARsOoBA_K44agAWKCbJT8NI-EqflAJjSnTCQApmRrl4suingNAy3zNFUHyfwOdvxISYhkQW2XCOD8b3n0MrPQsaqaWTk_z-y1ja28bUFsLGbpk1DkTo86hWCytMflZj7XvKjIvj34zWmz8XtLW0srUqBCIS-OxcjOLWkaUEffdS4_3kLX4csXCbf-mXp8Id0MwEBo5Y090cG-c5dj4low9SoEWkfHOwPjBXRl9eRo10TkXgdXl1hYvD7V64V_wrpg5i9Jf4u_zZKHkxX6dsYLE0ujSyna247nMIWFuRmjg8xpyvfcs4ukAr0y3mLIn_oi8XfVeXoIs70lArx2krkyyFFQryxdud2rmDNOt-s&sai=AMfl-YR8_8CS2kt1azEbdmy2K-3V9_AYatQLyaeZmJsqM0eM2ypaxKF7B6E16vuOdWypoQ72sjNrL02J2KAuSLqgcSCEJSmV_ZRBdfdcJe77ZZvAjBFtvlOS_YmK4Xw&sig=Cg0ArKJSzAijJ6kG6yckEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame CD83 23 KB
0 54ms
54ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame CD83 3 KB
0 48ms
48ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CD83 217 KB
0 7ms
7ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 7358126765353550004
tpc.googlesyndication.com/simgad/ Frame CD83 83 KB
83 KB 164ms
124ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7358126765353550004

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9492fbc76fed045b1a2af52e1053c97199ff76f1e3fc4e2e1bdc36d318230f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Sat, 05 Dec 2020 02:01:11 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 85105
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFEB 0
0 85ms
83ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEc1GHWs9qH832uukk0To0nZb49T8UPAywC-0jsEbErmHZXmw8YH7U5SWtlzA7A3ioIhOwjmzVQVUzsGGGSQFbK7bF3zKVWFRLbVKnuTYJsQ0fvth9302K0xQlbF5QPqEfIwgi7gfOqkOk8Pt5iFwfcImHauHSO3nu0J9ohqigBkrbwb-uwc0siojsYMZXo2ykXXA207ehDvDn6cHQFAJXpdKD-Se-8Ky250aPRrTqTPEk3ySlDE3WKV9V5LwUImXx3-DeztJoNv4nQYUhjL_olV4LBrRl5h_OIOupOxYIpxe9aruCdScDJIpMPfl2g7QbnDCjt4hsywby3Z0KGk9-vm7Kkuo05WIA1NtYUqo6sixA18c13wac79K4tgHbOwlLTWxph07O952ijkY&sai=AMfl-YSZPJAh2rx78jLmXjz4AzcvxK_CzG9yp2e2yAKZ9S67TIYWzfpRfjBDCpvDb9qqGEwUJWyZrjbOI_Wu3dM_bjLciDGA5ZTwrqgV9NHQIE3qqwgasti4KV1aSxQ&sig=Cg0ArKJSzEg_59xKvia9EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame AFEB 23 KB
0 57ms
57ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 3907
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:49:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:49:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame AFEB 3 KB
0 51ms
51ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 3849
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:50:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AFEB 217 KB
0 2ms
2ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 12158714353530318320
age: 3428
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H2 200 17416713843721013763
tpc.googlesyndication.com/simgad/ Frame AFEB 99 KB
99 KB 107ms
65ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17416713843721013763

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

962808cfd3c1c02d18d101ff28b912f06a4ba7809f1f2bb7e54c22912613d200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/jpeg
last-modified: Sat, 05 Dec 2020 02:03:04 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 100913
x-xss-protection: 0
server: sffe

GET l
www.google.com/ads/measurement/ Frame AFEB 0
0

GET
DATA 200
OK truncated
/ Frame CD83 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d91b9bfbc1fb22b5a847bc3c78c0eebb088b19d06c485d1a5bfc844d1367d382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AFEB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebb1affa1eae0a237a753a3ecb1a72cf275a5a592d734614726bc85255d46626

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82AD 0
0 143ms
138ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F139 0
0 164ms
52ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C708 0
0 196ms
55ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E1 0
0 218ms
47ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD83 0
0 279ms
79ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEB 0
0 298ms
48ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFEB 0
0 58ms
57ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2yVSe75lkYd1ye32g9atuQz27I28OchtkaODOanj_I1csMKLvOsRFZ0rgECW_PcmbPRPTwYUOaLHKHZ13VsU-DpRKtZiZiyDh9omcdrbtAaION3nMJZIV_RxDwPPU2yARvxRuTZ0Fv2WH66Lbz9uhcUU4KnXzlya8e0lsir-eQGSAky_znFREEqyC0ao8R946s8l44xpwiWDJOw-9gtxb0KUD8vF7WANgF1T5DV5Hqhx_EEot1DysvsAEXtqPndGX163djTxgfUJMErSM0nR6XOBKsQfq6mM2ZUn_XY5dTek2Cid4Tnk6Tw8_EOqu0RMmHEVjXVbbAFortDDzAIRp0uZ4LzWGba3WsVKP_wUNlwhIGibV9P74HXullejCsAc-AL7kOtpDWos5nVNKbQ&sai=AMfl-YTuShBrHjVSlahIXMX66_HyeLMsgGuT46KDOH06D_WKGc2TjW3U2tq-Fs_3xtSwLp5WKfnJ2UzYzHxiynkT1q5ZLTT2FVGgPK96Tx7RUrmVJCzDuxESb0pDQAk&sig=Cg0ArKJSzO-wP_2t8RoMEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 adview.htm Show response
rt3021.infolinks.com/action/ 0
213 B 78ms
77ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/adview.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&bdc=1&midx=0&emd=Mjkyfm51bGxfbnVsbH4wZGI3ZGEwOS00OGZlLTRmOWEtYTQwMy1iOGE0YTZiYTBkNjI&rts=1732517680622&prod_t=d&jsv=1970.003-4.011&skin=sidebar&theme=nologo&sdata=apple&scs=SSJaLu9G_D&rsd=1E07vRV47SlBuuIav52vKacUHBiRBQy-qmxoMRxuIls1YCLGIcRhUaD1hWb0AY6HnEpplxxcKRG2IeBnkqd8ZDxnd7DobXYNlQZO23vg05JjIEVI5wssu3t6HFyUL--Bj0VhwrqiC4CpDU1Dl1xC6LQk32M76bQm&rsk=55&rcs=HHlBetKNe5_btfRsAkXk2Q
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8e7fba8ff9a3ebb9-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82AD 0
0 53ms
52ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F139 0
0 100ms
48ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C708 0
0 180ms
92ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST 535.json
id5-sync.com/g/v2/ 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E1 0
0 222ms
48ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD83 0
0 268ms
48ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F139 0
0 74ms
74ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM7nZ8iv55w-N6h9qTaTETOibgjIXL3DqEGy0ywobWtOtmNm40OpoftzUNftFotzYLcoPdDfJ63UCGCbTbbP6Wuv-FGshLJP19ADVU6beLcG2fcoWAE7U-uNmmsUFXdT80KOOhkXc38EB7T7WS5kGvoJ7csYW1p-sanbjYWwYGbrm4sbgjzFfNRLevK_CoWftdSfMY4-E4hFYlNnKRvh84eg-jOan2rtRqjTAZkfk4fMb7Cfz5QOh7OWd3wC3UQHN7pS_kCbZ7We1vKpRjMz_18o7MnDECCC3biRUy3-6P6yDpXtTQQZJrX2_Nu9GZco6aElgu9XLMTRDZjNSAndoeDvgIJIWAcNcyDyYfYtUIDDXQTiYa-p3ZjJOAJ6C4L9GwuBW4-uvkNW0T8r1IKWubxwYH&sai=AMfl-YQ1_RmOlIPDd6RWIWhUyQAOJQkidcuZkLYBpY0xL54uoBAFlyNt9RWVNxQHm1wKJEpPPmVzeQXE5hXd8GiFVcSedU95-JGmzY0O7ejuY14osXvsQ9Aph2IqMdw&sig=Cg0ArKJSzPdwUgTpMRO_EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFEB 0
0 315ms
56ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82AD 0
0 63ms
62ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIG6idXlL4YauSd2JJmsqlNaDShFQyVI9Ec8artGVAr5T5fntFyt337tkTzPqahVWhwGE8VKPY91bH5sp5lTkJMKOcJDTh38fzJ4bqnWIrxhkzpqSr0Gauh6GT5Ke5LoKEQ4GfHBs6vEShmEYCbInHSiurUHna8SioP2vyKICGMSvdadQQQr7XaoZke1uxRUiiNjwmD-4HjbYV6YEjKu_Og9Fv43HrOJDhauqLRn369NCC6J-m1zhMgRLBzmSzP-AVLqvqyp21-5wtQ5fAlRz3oS7UrRPbDefQyfzsjPQ-eYeLGiFWlzGAF8I_hgGX_ybTo11X_-1SdvjBtz_zB45i-37fU3L-yVFMwxpbqspc1f3HWIMk_vz2_a45y_qwsaKRT9FAe58Dnkjs6qL4Yrqu&sai=AMfl-YSVmN33SeAbZQtKsowIy7aiH2XrZh_7ahizz7OuG7TbXRYSiBST7gZpTBhjMXYJGNpSbU1AzhTG0p0_WfdbiozGYK_2_dXlaPQ4YvAI30QXMuVgypUhGdyIIbc&sig=Cg0ArKJSzLLvrQVYVAOYEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C708 0
0 59ms
58ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIpfMcq3jE_ET_AUCdluAD5F3YZgdH0KHdkkh3lnLW9r5iKwMr0BSMXIe4DeJGloXtUUjjJ0ZUlQiF1E9LjbkrZ9zlmhhjH4i_LmNxVk5ut3n_xqOJIEwmwQS3gHYgpU184o5f1H7yPnY8P4FxtYJAf697jfy44EV1Yzgo5F7jaNuIjL6qBl2_gbrEszNtQopuN9fPwceJi7udgLIP68kDqQwKFk7ZPZ1nGkf6Ezk2oYSjYuJIg3Ad9oYpNlmAwHzvNfJqyqA_mn6W6bW6plYghzJOvMg6y7SSO0YG1ST9h4v16JboYeLIJLh5HztSsnZwNQ0wQ-Ak3zpNuy5ZP7KeStlPDqTq19eI8Jn__HlA0aFNVOFhCft953wo6asySudhcLMcRgUMKym7Zg&sai=AMfl-YQUrT1sruSjcO4KFZLnHkb4uQrhRoCz2_-SW-r6_EFUXY9jk_-nllHnmhF4ca6FKAJbJZ2AGJYpDlNH2MHQXvBE_Rti8HCOGWxv8_bGp4UdmEVK5fKRttkz5Es&sig=Cg0ArKJSzChBMAeCJUpaEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CD83 0
0 56ms
56ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueWigGLqm7RFMseva4ANgBY1Opj6iLRRZluvp5KbY6y0RArmce1xjGharJt6yXD33QNIAHIjtdxV4swxf7X1uiDk61z2kI03qC9HxBkVoevwtbLKDKvUt0mw2urMI81FeoG-AgxA-vdzpRiA_SH1Y9HbS_9yBtJK1n3YWsb16KNsy56eOcTijXO5_ZMdpbNo-qt_k-tf4c1YeyndSgBk2-8LakFIZXlRzYT02xfiaxodZpUPuocQqF3RgbZ9WcAuj5XlMA2rtaBO7kn86XdjD26dq_TJ99k770X3usfQ7TigXwoLI5GRseCeDIzwhO9TC1jTmbTU9Ob7RR-8OY9M_AmwwjNIgUHGqCDfLMvVD3gdoVy58FrIFkv5eX6kYOHToub1RZLOoS5-C_BMdbTQ&sai=AMfl-YT_tzBEK17RdgJSGhig1lxoqoabooqQBPsSdZvDBfN7cwesoVcfG_zCBASb4J91-PM38T0cU54Md9kQSr5W1O5vhwBY2C1S6ty5CFOblD4Xo_CMKOw8WmDTqoU&sig=Cg0ArKJSzJ3km_tF29wUEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 p-y6Nyh2U0YDhwK.gif
pixel.quantserve.com/pixel/ Frame 32CF 35 B
339 B 226ms
54ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-y6Nyh2U0YDhwK.gif?&media=ad&p=0.427&r=758704&rand=858187888&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.9059957,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.143&rtbdata2=EBc6HGh0dHBzOi8vd3d3LmJ0aW1lc29ubGluZS5jb21aJDZqbzNfX2RvTThXcWYyckg2WGxLX3NZNFVjbnNXbXFRNFpBPYABqqS3nAW6ASQ3OTNhY2FkNy1hZWE2LTQ0MjEtOTkxYi1kNDBjYTZjMmNiMTXAAfiHGsgBmKfnkLYy2gEqNmRmZjQzZTUtMjc5ZS00YzI0LWJhMmEtYzNlMTMzMjhiMDVjfjI5Mn4xsAIOyAIA0ALO4Yb7-J_3zKkB6AKmAfICDgimARD_kIzVsPrU1a0B8gIOCIG7KBDhqrr4sarJyEX4AgCKAwczMjk2NTU4kgMJaW5mb2xpbmtzmAMAqAMAsgMEpgDNDboDEgkNQMeUzQ8lsxHIjrchoX6mosIDEgmaT_5ICdq3DRFiDbqmpLgDpMgDoIDAE9gD8NCbmQPiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ-gHyAwloM2glMjAwYTH4AwCABPIYigQCNzeaBBIJfkFZIgFDxBERIcUb3FQCqaeiBBIJDUDHlM0PJbMRyI63IaF-pqKqBBIJDUDHlM0PJbMRyI63IaF-pqK4BPAQ0AQZ8gQCQ0GABQGKBSoyMGU3Y2FmODM3ZDUzZWNmMWViOTBjMTM3OWI3NTYwYjI0ZDYxYWI3ZGGQBQGaBRUg58r4N9U-zx65DBN5t1YLJNYat9qiBSQ2am8zX19kb004V3FmMnJINlhsS19zWTRVY25zV21xUTRaQT24BQDABZCv5OYMyAX1_KgE0gUGCAIQAhgK6AUHmgYUChIJfkFZIgFDxBERIcUb3FQCqaegBgC1BkKALjm6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGLEgymGs0kgfqBhVodHRwczovL2ZseXBvcnRlci5jb23xBgAAMphrNJIH-AYBgAcA&fpan=0&fpa=I0-916056253-1732517680714&d=www.btimesonline.com&et=1732517680714&sr=1600x1200x24&tzo=480

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-store, proxy-revalidate
content-length: 35
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: image/gif
attribution-reporting-register-source: {"destination":"https://flyporter.com","source_event_id":"545556141584809984","expiry":"86400","filter_data":{"label":["1B2M2Y8AsgTpgAmY7PhCfg=="],"pcode":["p-y6Nyh2U0YDhwK"]}}

GET
H2 200 adchoices.css
content.quantcount.com/adchoices/ Frame 32CF 4 KB
1 KB 259ms
63ms Stylesheet
text/css 18.238.49.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.quantcount.com/adchoices/adchoices.css
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-74.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop: JFK52-P3
content-encoding: gzip
etag: W/"e9cda1f80f07c09ccf744883048aefa7"
age: 78052
cross-origin-resource-policy: cross-origin
via: 1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 3TUYSTT8dR5-5hJvOGPCe6ufET0gm33nqJ81XnkC5DfVdVpyJdVq6g==
date: Sun, 24 Nov 2024 09:13:49 GMT
content-type: text/css
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 09 Feb 2023 15:59:30 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 adtag.js Show response
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 278 KB
85 KB 186ms
62ms Script
application/javascript 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/adtag.js?gdpr=0&gdpr_consent=&gdpr_pd=0

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7fb38c6c48622f00fac04ca1f1378b1bcd321b176f9286b26ad142e6707b2d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"55d3fa27a67ad2b787b1ec7a96f523cb"
age: 375341
x-amz-version-id: null
expires: Sat, 30 Nov 2024 06:54:40 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: IupYlWWm3a1YslgM9VercNOuQ2BvQvJ7kkOiFTvVMv3rpF4hacKhaAAKmyMtlWeRhjaes0YWgVU=
link: <pack.acz>; rel=prefetch; as=xhr,<adcanvas.min.js>; rel=prefetch; as=xhr,<https://media.adcanvas.com/tracking.js?ad=qU1tZUApy0e2>; rel=preload; as=script;
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
cf-ray: 8e7fba9158420fa8-EWR
x-amz-request-id: CEASA3T8JPPVAANF
server: cloudflare

GET
H2 200 adc.png
content.quantcount.com/adchoices/img/ Frame 32CF 2 KB
2 KB 259ms
63ms Image
image/png 18.238.49.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.quantcount.com/adchoices/img/adc.png
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-74.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
etag: "be8b83ebe85cdd616b60a6877191ce5a"
age: 85684
cross-origin-resource-policy: cross-origin
via: 1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1828
x-amz-cf-id: 2XY74-vKii0bOfwIBssoZ8-We0Tj2eXcjRqrbrWPzElL1q0YWcMNpA==
date: Sun, 24 Nov 2024 07:14:19 GMT
content-type: image/png
last-modified: Thu, 09 Feb 2023 15:59:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 500
Internal Server Error moatad.js
z.moatads.com/quantcastv2691176990399/ Frame 32CF 0
0 331ms
122ms Script
text/html 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 25 Nov 2024 06:54:40 GMT
Content-Length: 27
Date: Mon, 25 Nov 2024 06:54:40 GMT
AK-GRN: 0.b1593a17.1732517680.4628b859
Content-Type: text/html

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/2184108/81709832/ Frame 32CF 62 KB
15 KB 284ms
75ms Script
application/javascript 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059957&ias_placementId=9160212&adsafe_par&ias_impId=545556141584809984&custom=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&custom2=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&custom3=p-y6Nyh2U0YDhwK
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: /
Resource Hash: a48f61544d9c68406c1113477c39e9fbe43588e081d792cdd5c097babc205720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: pixel.adsafeprotected.com
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: application/javascript;charset=utf-8
vary: accept-encoding

GET
H2 200 p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame 32CF 0
38 B 213ms
62ms Image
text/plain 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EBc6HGh0dHBzOi8vd3d3LmJ0aW1lc29ubGluZS5jb21aJDZqbzNfX2RvTThXcWYyckg2WGxLX3NZNFVjbnNXbXFRNFpBPYABqqS3nAW6ASQ3OTNhY2FkNy1hZWE2LTQ0MjEtOTkxYi1kNDBjYTZjMmNiMTXAAfiHGsgBmKfnkLYy2gEqNmRmZjQzZTUtMjc5ZS00YzI0LWJhMmEtYzNlMTMzMjhiMDVjfjI5Mn4xsAIOyAIA0ALO4Yb7-J_3zKkB6AKmAfICDgimARD_kIzVsPrU1a0B8gIOCIG7KBDhqrr4sarJyEX4AgCKAwczMjk2NTU4kgMJaW5mb2xpbmtzmAMAqAMAsgMEpgDNDboDEgkNQMeUzQ8lsxHIjrchoX6mosIDEgmaT_5ICdq3DRFiDbqmpLgDpMgDoIDAE9gD8NCbmQPiAw9wLXk2TnloMlUwWURod0vqAwYIrAIQ-gHyAwloM2glMjAwYTH4AwCABPIYigQCNzeaBBIJfkFZIgFDxBERIcUb3FQCqaeiBBIJDUDHlM0PJbMRyI63IaF-pqKqBBIJDUDHlM0PJbMRyI63IaF-pqK4BPAQ0AQZ8gQCQ0GABQGKBSoyMGU3Y2FmODM3ZDUzZWNmMWViOTBjMTM3OWI3NTYwYjI0ZDYxYWI3ZGGQBQGaBRUg58r4N9U-zx65DBN5t1YLJNYat9qiBSQ2am8zX19kb004V3FmMnJINlhsS19zWTRVY25zV21xUTRaQT24BQDABZCv5OYMyAX1_KgE0gUGCAIQAhgK6AUHmgYUChIJfkFZIgFDxBERIcUb3FQCqaegBgC1BkKALjm6Bj4KAkNBEgJRQxiuzAciCG1vbnRyZWFsKgloM2glMjAwYTE6G2FjZSUyMGRhdGElMjBjZW50ZXJzJTIwaW5jLskGLEgymGs0kgfqBhVodHRwczovL2ZseXBvcnRlci5jb23xBgAAMphrNJIH-AYBgAcA
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Mon, 25 Nov 2024 06:54:40 GMT
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8E1 0
0 61ms
61ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbEtBKS0-RZtL85Tzw4ZBIlZhkbgmPw0Gh4ZaJYGAR-8HmVDijpCLItnHmlXX2n2xvUY4gX4M5VMtNx7QNUJlgii2DGJcxwgvB3aK9JRv1dbGe_60QBvPEze3xUw-txoutp5Ow1pg_sGXyOhdsF8gnBHC2t78pE4V_F5-YhZgWpw0S6jwaX510pQQo5Me5QPZE9nnukIYvYXaKipmGaUlUk00aXC5SHoXZ4GdpKraridvFZ4sdIAzxLmpnKYbWXtw6SnR6QjSuZco5wyVDGu5LCXXC16DzAQ9lMQkJDj607aoYgejKACsAFJmG3xHCUG7feWKCYsuUT_S-weRSZWO18d4F01Y0PdJVoF1WQQeVddeoQIoEpvuHHMInV9IiLa4WcQFFgN9DHnY_KwypdQ&sai=AMfl-YRd39WnhZ5OUTG8zBOc13eYkWcxKjdY_aWqsfFiZLHEpwsoV1s5OzW2MBFTQLOfjFPy-p06KJMoy7rgOVN9xXe3bPynUAV8mrWD1DIAGJdpd2wruYV-Rd32JYQ&sig=Cg0ArKJSzAvC1hpwmj2-EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

p-y6Nyh2U0YDhwK.gif
pixel-ssn.quantcount.com/pixel/ Frame 32CF
Redirect Chain

https://exch.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model=
https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a799192b-624e-4308-9e81-f8d597db4e00

35 B
355 B

453ms
163ms

Image
image/gif

192.184.68.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a799192b-624e-4308-9e81-f8d597db4e00

Requested by

Host: blank
URL: about:blank

Protocol

Server

192.184.68.228 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Mon, 25 Nov 2024 06:54:41 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-y6Nyh2U0YDhwK"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantcount.com/pixel/p-y6Nyh2U0YDhwK.gif?iid=545556141584809984&labels=_qc.extra_user_agent&platform=&platformVersion=&model=;dip=a799192b-624e-4308-9e81-f8d597db4e00
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Mon, 25 Nov 2024 06:54:40 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["Vb52oG7PLKi3AUt/PBV1EA=="],"pcode":["p-y6Nyh2U0YDhwK"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 adview.htm Show response
rt3021.infolinks.com/action/ 0
157 B 76ms
75ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/adview.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&bdc=2&midx=0&emd=NzY4fjcxNjYyMDFfNTMzODY2MTJ-NTMzODY2MTI&rts=1732517680751&prod_t=f&jsv=1970.003-4.011&sdata=king&scs=7_Y-TdhdpV&rsd=1E07vRV47SlBuuIav52vKacUHBiRBQy-qmxoMRxuIls1YCLGIcRhUaD1hWb0AY6HnEpplxxcKRG2IeBnkqd8ZDxnd7DobXYNlQZO23vg05JjIEVI5wssu3t6HFyUL--Bj0VhwrqiC4CpDU1Dl1xC6LQk32M76bQm&rsk=55&rcs=HHlBetKNe5_btfRsAkXk2Q
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8e7fba90ca4debb9-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
p3p: CP="NON DSP NID OUR COR"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/html
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 74C2 0
0 54ms
53ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COzZ3AIQ9PjnAhjhgKydAjAB&v=APEucNUIbCOue6CWDtlYTcvH_EgiVMXD3xb7kDfjQXZgWKEghJVZbH4bwLHHFA1eQfcM7XXgiSo84bGOPObVmFHYwybPoL0vbA

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:54:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 57a6b102-af55-4aa7-a8a1-9962296a7c51
a5637.casalemedia.com/impression/v2/460422/85/ct21uc7pdr6f2do4r08g/ Frame 71FF 43 B
303 B 350ms
125ms Image
image/gif 209.204.229.80
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5637.casalemedia.com/impression/v2/460422/85/ct21uc7pdr6f2do4r08g/57a6b102-af55-4aa7-a8a1-9962296a7c51?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1732518280&profileIDs=&creativeID=32e9d74&pubID=191306&format=banner&channel=site&ap=0.39&ee=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.204.229.80 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Expires: 0
Access-Control-Allow-Origin: *
Content-Length: 43
Keep-Alive: timeout=1, max=500
Date: Mon, 25 Nov 2024 06:54:41 GMT
Content-Type: image/gif
Server: Apache

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 42 B
63 B 50ms
49ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DbkjOIiFudD55faqgQ6Hjhnq3PEVbmvn7iSYyYBiybArb1YdnW35XSdPZaQYVb-O_wE7cHy6K71FxCUrwCoJCY8CtvZGRHBXmFJuohA7E-sWgLDV8

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 71FF 107 KB
37 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c35480989c6c93f20e96bd236b3e7882ce0c0ee049a49f454223a3dd3680e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 7998746851681329614
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:54:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 37721
x-xss-protection: 0
server: cafe

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 0
20 B 54ms
53ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=130472989684&version=m202410070101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 0
20 B 50ms
50ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=130472989684&version=m202410070101&ct=76&x=13&cor=3220133032078685000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 71FF 86 KB
40 KB 228ms
81ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Acs3zsmIqvlcl00RAOiwaA57uX_ZOx29MvxgW9nDmzX4srn-EmyXjNGesr67m5n1XGIxze0Ei_6W-tYGqSqn_ZiU5RF1sQK1t0G4gjWj3O6S3_MWUA4mQKMMsUs18k8mCZo1wnnswvgqKP8_nK--1XGduG4CpS10O5cqboafwITmvwUfWynhf57VTixci0MkGPToj5ghvgXBX24LFziqjR_lC1pqn_6kWXoUQFvxFGQp8H-wY&dbm_d=AKAmf-Basx2losfZ1gP-xwzv4AE8WdKKGxbEbDNChqLDqeKODfTOmaUwovOM-9cSHVMeBswJpN4ViaV4_4tm2zd1gy8DMC2cgpLfeGFztH9A-m0-7-LfcSxpVnhPG_26SC2FnuK_YTvHbSoNTprh1SZLVcT-eUn4jjzFyKFwnS2UTrYDJhCHpdl_QZx6Ub8OkwUl8iXMQVF0GCb4Yc7t0m9kjjf1Pd3dJU6M0slMJHQAjVcfaT1QXAnFqBl8XaN950UgrgZ8pergmxhvzvAPrXC670TIRY9rTZF4fBGfMxyR6NAiozdd7Skf3ufeNc1AOCiWVC0RTBbykwPx3_5hEDliQ6YEf9LXCNrSF50k_GDGEx0_KBDW8imbAa_e-iwQtHe4jNvWYwum4dFBEDvZmzjdEDUSJSClY2WpEWxz3QYmzjURSG19l_2oJQAP5nxtdEG2IwIXwjPCIeS-tNPf1cJeHKejWHApPrrgsHQ-1E-BYcp2gCY-_DzWgJPWqfbjqzsTFEsjb2efMF7uezJZovr5Qt2LHn03H55DLQLRavuaYl2kQQ9UOrziqtSDhtZWekq5BGnk_0DY6itLtrl5iIagoVhDk7Q20pTNtM21Df3GewVTjr42sVWppDRRGtPE9R-SKMIYxrFIsGI7PSqyHz6XIM4Wi3c5XVPywb_PsnU0gdV5cZDg59Xo4ZVz4pVn67OrO_AwT89ZHrIqi5WssYZ_cL-uECz5dieoreCgmwHMOVtmZJ4jfra0lm9ObGXVESjKBRI4XINwfEifpWQWkuSwLWGYsfDtEVjBGd1-CGaKVD4q0E-wVr1ymU19_pVHpbwCUNIaw3UeVIqAxziNfRsnlncEtzE5MwbIIZkUbz-YS4XEthfael8QRIjrvkG6fMRXB4vxS5vv344ZKDoTVIVIe6Mb58RxQrz0T4u9s-qDPEyGauBmvDVrdFVVSR1Tkq31XbdpE6cJS6lq570busR4lOTEasMWM9wDeM11WjAvHhPR27ck5j1L3PFUIx60_BnvCTZRonBAQNw0j7RHVeMPoZbpHExtMcoF-P_WGVx-oeAFwJBO9CVbYn87E9QkQ7F1hlAohadIvaEpUb8PJic2dONyVgae3OFikUEiPxpW1geyApoDLWOCd2YyBrT5b2Sfb9FAoRpcI3tzJ_Rv9yqv0VspKoLv3_F-VtiIFDZoH4ICxbOJcJGYVg-6v-O--in9tUT5jBk2pcHjq7rnDTDt0kaGxZgiiMNB2BVGr-5IVjmXNQLbuUSAcj2rkHwIDLOCLaj_xmo1ie5PhcbzY5QsC1sKpz51HOizPUAtNZVIAxFokhyVI_8xM-Auqg4rhOHZ3Zy8N6jsIh4BDQ1eSqXFlZrnVed7Nr7-qzTD4Ea0U2tGJ-o7r8A8iQap0Z-nKF5CVioKuJ9i_LdRr-y0E6AhFjLkBPq-CaOS-51EwTamaivr6PqlIj4MpLvmW9hzWpwZKyG6Ru_0KqXIxnv5jQufIgq3vHn-K-ADVlwB1TGs74dyJviDJoAKEhpJbImWn-jKf_8coYWJEcSBEcnXTOCP2f4HMZBOrk6jqu7JBEYxarYiFHfyPRBelk8a27_QuZwa2FCz5os7hwqWHoGESvDeNmaR9hdw2IWINzEuR2L3PvNbZ1ZldGvgSoAvzf2MxKHNlY2XwBLPxvV92xw3GGtMKFZ0XCXjTcf3gJ2IBmIV5NLAe46ZLRy59bKWHB5krjHhtHgwS6aj9ZC2XJ0zzJnV-QEnGBL8cvrGys1Sp0RsErFY0dLsbXdTbnt9xQk4gOG7pwoPwYQjiA5IRYE1sHcHkrykEeNMJ0IWt3TaLJAL-YS4Ji00Ngh9tdbRyvsCJDGY3WFHZcjAKS3hm1uySmBmxMKkOgf89TVU2zYMR7kM2xoHmE_3AfypU6kNsqegEa01Uh_0y_hxfuWwbs0f0AeF27bxMJKyPyR_W-TNrya8Yf0VIEnt-eWGGgdkJswLSiWQmyndQNZuXuZLNVceKXMhkqF3URHQKNEaWIgdoY_C63pa3qRJOxwTVM6_87Wr4a__gELNbe8WgyFSourBBwalcdWxblcEt7VS0t1HPFh9ogCuF69oWdY3KU0GjqhWljY-W6aUoMvrz8ofISUpCP13ylsQ_xNCPw9wZH5M9rdcjjKGYWwFu5m04k4yxWQiyaORWmLZkmU2W6O2qbLnSV6y78wBW7fp97k9jy9GYZYD9pM-0nlpbwCZ6CY_r1z9onuNmn2VPFtzpeyMcNE3u1j47ypFYlkmAHomtWk9SBNq0ll6dmv9qqcL3gVNpUx72U-dacm8DB3lJ9ETZD0YIopCCgFlCWls-JFrpyYq9q--aqHwUwyU86GKOvBUinCe5oGFUOnw8lLpnmaOQKCiPVhKQqEbgcmRQiddwgIJlQyYql2PrqwyUHhSfg8is4bq1XbMRAIqRbTaMrOFQxlFvedjOduy-fL6u4pM-2CU58YY1LNalCoIm1XYqxAuOgTbl-AdMkgC78_6E5JwrIikDClBjFOjQlCEQ87RXEVtVhFHEcaItx6tVNq6z8APYp4u4VNTvKGQMTWycqnXNh6UrDGYKIKnMFjVCF50tgJ4OBvfmrpJlvVkXFER9bqxk7up1HiGPsnOE0JW_IdjvQ9as3AOhybHr3UBwKOkTmkcTF3l5dnz7Or-6wWcmxvOuC5TjuCZrZevPTbr14C-eX_KFcSEvqd_qJssIG536qxkCXWDgnJBG2Javegwssgwznpy-FCnExwtmFSsCfuyC23Q6Lyzp9HST9blDEGDVbhtl604Zgu_wdd1nm0S8igmu3SpiXO07qSgC_Q-xdLxMWVhfA9tNSUgCXbsUllSxZFKbDwfpUewxXDQSAkWpx1ItninOUPkJ5NiVEQoDkOzPqeU7na-BG3SFzjM9w0YMeGuzAPaArAJT-fOsSrQ1rYb3n6JEOiqMjQlRO0Zzmb4EtLD9Ma6vbJ6WO2W6ptSAX6EaXP2wBnzXWwxSTGv3pS3H9_RFYa2kl4-AzkRYu-ZH_wka6RzPsMrNayOBJC-rOa91HUFEU1d5l8ER9wveGJlwNYfODQ7D8REgU66Rzkc2hQOYX2-k30gzsHfZb32Klh5aZGwktg506k1bgScevnnyjsJJFt2ftDMcnXGZyfTgdosD3z8yHNPAOJajOfffi7aH918kJsut9y3JeuJROnpRFhYKRBjGhWykHSHSPa9dH6tJtrPhVCUtyYyPAn0TlkqYJQfrxJaKodB2Dpzb6u8hJbKHmWa3cYhDzzNf6r_dqvDYvCZXsdOSxLKWSZBy4gAbgDNCYcRfLZUA4NrzwrgEREEcATaXjXO_eZUxUaZNreH4Nl_r_U1m4pUep7p-9S5pIaMWmO_aeukKFXYI3gGNnTmd2kj3fgRN9cFBbIkbkno-9GkiwSQ0nvnqz545YVOLGCEqkO-OFhlxOIcKf9vaIw8WiUqJbW270NDNxkypn7mkpeJU0Mzaucmu-rzXYQMZEeMWA2NNyMkpI2TzHYXSkYXFZL-fhBYjldsIGoSxiRiMtnvRI0b9Kn1A0tEdkJz7FjQ9cAOlwqwUgcXLtY76scRZ46qe5pRsdarSknZVgFWre2QZH7Djz555HfPegnQosUoyCer3sG-dkUe1GYb0lTfDVxx8zx-21tfDMRXBQUkytANC9dR1d8WtZrdci75nSdakzwsiSU3PLG2HAYzRftqiN5u3qBoOnh413nYezwHEANh0byvDhEC1LbdSEvez7ZGauJPFJ_TUpWEIp-4LhlkotNAJx483mZrXjMMAFKDeO3x_BZrYsH9bHMHJLS08rsm8ydyh8-PQ-ZaSahIHTzN9-UlAT8ig00vCEe1ocNvKHnmjjzGQrbwxNBaLf3X8IEftoiCti9DcQW4HFcgSlYuh0WrEC3pZfYXdWTlDtjWuGUnFClaaeFZtcsHk7FQQNKMZcXP7lS9ev6cE4gDgBjEa_-3ztgtsx2N090X5klz9IIFDvYC66dBCKYCv_dndGrJ3l_VMV1K2HjjgcghXIcNAN9bbD9v9-cNCe8kcunCqtlrMkwPMXbZDXnV-GSmhWHmiu03QwOAMUs&pr=13%3AZ0QfMAAAAAAE9z-syRnKrKJWACapHXxDYI93xw&cid=CAQSMgCa7L7d9MVNV-6kotWytOezwDsxYXbxf63eMbVrCG53yvV4N5Nxu5XlQ1zVgAVqAXf4GAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202410070101&nel=1&rfl=https%3A%2F%2Fwww.btimesonline.com%2F&ds=l&xdt=0&iif=1&cor=3220133032078685000&adk=3788782631&idt=73&cac=0&dtd=31

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9104fdd2b94094aa418ecb5fa9bd1bd3f119be1c7fd7747a3f91edede9ee5996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 40923
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 pack.acz
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 0
494 KB 54ms
54ms Other
application/octet-stream 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/pack.acz

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
etag: "82624f9ff91222f6f71fbbc2647b3786"
age: 123267
x-amz-version-id: null
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/octet-stream
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: ijsQaC0kFRt2fWY5EIpNLEsL7rIdVq3pWhuc7l0YLvkJclp87ikaHLCO8bMpOqRC3NruU6aU6t4=
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
access-control-allow-credentials: true
cf-ray: 8e7fba9278bd0fa8-EWR
x-amz-request-id: A7QHH3WWC643EWHP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 505731
server: cloudflare

GET
H3 200 adcanvas.min.js
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 0
24 KB 84ms
83ms Other
application/javascript 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/adcanvas.min.js

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b61170b41c6a9efb1a582e45e2c40874"
age: 123267
x-amz-version-id: null
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: fFbWE07EyhdCcgcpOtVRkwzPaAhFHOovkFDTx1bSn+P0kPFnnI4lEGpaSxqna+9LqMfY7hyslXc=
link: <pack.acz>; rel=prefetch; as=xhr,<adcanvas.min.js>; rel=prefetch; as=xhr,<https://media.adcanvas.com/tracking.js?ad=qU1tZUApy0e2>; rel=preload; as=script;
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
cf-ray: 8e7fba9278be0fa8-EWR
x-amz-request-id: A7QHGPQXYQ742V1H
server: cloudflare

GET
H3 200 tracking.js Show response
media.adcanvas.com/ Frame 32CF 8 KB
4 KB 49ms
49ms Script
application/javascript 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.adcanvas.com/tracking.js?ad=qU1tZUApy0e2
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfe0963bad966c1d1421d0a24c25bbfb7253ca481df4147cd5adb42f5d0d1d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5a732738cfc371180c2dcd75a2ddcfff"
x-amz-version-id: null
age: 304109
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/javascript
last-modified: Mon, 17 Jun 2024 22:56:37 GMT
vary: Accept-Encoding
x-amz-id-2: 88B9lKWivvcDs/LmwUPHpHHFmvPSDo7Ok/B+jb2BXl15JAeLTGIXTwlk2fn3kMPYpw6sNzlAvng=
cache-control: public, max-age=432000
x-amz-request-id: 2RPERNSKHC6JYDC9
cf-ray: 8e7fba9278bf0fa8-EWR
server: cloudflare

GET
H2 200 main.19.8.553.js Show response
static.adsafeprotected.com/ Frame 32CF 240 KB
73 KB 260ms
57ms Script
application/javascript 2600:9000:247b:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.553.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059957&ias_placementId=9160212&adsafe_par&ias_impId=545556141584809984&custom=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&custom2=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&custom3=p-y6Nyh2U0YDhwK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: 6XBJxLF8W2lXJOh0BI1NsN1G3o14kpBc
etag: W/"193bc7f5bbf8ccd294f4a75753e909dd"
age: 18393
x-cache: Hit from cloudfront
x-amz-cf-id: gtzqsL7xZ4pQZfFCman2jVoD18ObbtNP4UHQFCijkpeQ5R2XkZ35sw==
date: Mon, 25 Nov 2024 01:48:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 21:39:57 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 19f6dea8d52f4770f090ce0929599570.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 adcanvas.min.js Show response
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 73 KB
0 32ms
32ms Script
application/javascript 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/adcanvas.min.js

Requested by

Host: media.adcanvas.com
URL: https://media.adcanvas.com/qU1tZUApy0e2/adtag.js?gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceaa44eeb19087512e344e76f00242bc4c631fa6bfba94d7e343ff0c7a180e1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b61170b41c6a9efb1a582e45e2c40874"
age: 123267
x-amz-version-id: null
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: fFbWE07EyhdCcgcpOtVRkwzPaAhFHOovkFDTx1bSn+P0kPFnnI4lEGpaSxqna+9LqMfY7hyslXc=
link: <pack.acz>; rel=prefetch; as=xhr,<adcanvas.min.js>; rel=prefetch; as=xhr,<https://media.adcanvas.com/tracking.js?ad=qU1tZUApy0e2>; rel=preload; as=script;
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
cf-ray: 8e7fba9278be0fa8-EWR
x-amz-request-id: A7QHGPQXYQ742V1H
server: cloudflare

GET
H3 200 pack.acz Show response
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 494 KB
0 2ms
2ms XHR
application/octet-stream 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/pack.acz

Requested by

Host: media.adcanvas.com
URL: https://media.adcanvas.com/qU1tZUApy0e2/adtag.js?gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db5420b2a938235cfe6c7a76d514721fb5999912db7aed705620c848a498879

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
etag: "82624f9ff91222f6f71fbbc2647b3786"
age: 123267
x-amz-version-id: null
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/octet-stream
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: ijsQaC0kFRt2fWY5EIpNLEsL7rIdVq3pWhuc7l0YLvkJclp87ikaHLCO8bMpOqRC3NruU6aU6t4=
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
access-control-allow-credentials: true
cf-ray: 8e7fba9278bd0fa8-EWR
x-amz-request-id: A7QHH3WWC643EWHP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 505731
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 136ms
122ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=pageView&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys0&c=m3woamd0&n=t&f=t&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&x=kezpwq
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba92e8ff0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 135ms
122ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys1&c=m3woamd1&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Billable%20impression!srt!0!sts!0!siv!0!sol!1!)&x=-53gxdf
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba92e8fe0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 138ms
125ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys2&c=m3woamd2&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Meta%20Consent!saction!Consent%20Not%20Given!srt!0!sts!0!siv!0!sol!1!)&x=-pn5ryw
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba92e8fc0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 134ms
121ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys3&c=m3woamd2&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Meta%20Consent!saction!Consent%20Not%20Given!srt!0!sts!0!siv!0!sol!1!)&x=n8jveh
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba92e8fd0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 pack.acz
media.adcanvas.com/qU1tZUApy0e2/ Frame 32CF 0
0 0ms
0ms Other
application/octet-stream 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.adcanvas.com/qU1tZUApy0e2/pack.acz

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
etag: "82624f9ff91222f6f71fbbc2647b3786"
age: 123267
x-amz-version-id: null
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Sat, 30 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/octet-stream
last-modified: Mon, 18 Nov 2024 16:26:30 GMT
vary: Accept-Encoding
x-amz-id-2: ijsQaC0kFRt2fWY5EIpNLEsL7rIdVq3pWhuc7l0YLvkJclp87ikaHLCO8bMpOqRC3NruU6aU6t4=
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=432000
nxd-cache: YES
access-control-allow-credentials: true
cf-ray: 8e7fba9278bd0fa8-EWR
x-amz-request-id: A7QHH3WWC643EWHP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 505731
server: cloudflare

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame 71FF 30 KB
11 KB 37ms
36ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Acs3zsmIqvlcl00RAOiwaA57uX_ZOx29MvxgW9nDmzX4srn-EmyXjNGesr67m5n1XGIxze0Ei_6W-tYGqSqn_ZiU5RF1sQK1t0G4gjWj3O6S3_MWUA4mQKMMsUs18k8mCZo1wnnswvgqKP8_nK--1XGduG4CpS10O5cqboafwITmvwUfWynhf57VTixci0MkGPToj5ghvgXBX24LFziqjR_lC1pqn_6kWXoUQFvxFGQp8H-wY&dbm_d=AKAmf-Basx2losfZ1gP-xwzv4AE8WdKKGxbEbDNChqLDqeKODfTOmaUwovOM-9cSHVMeBswJpN4ViaV4_4tm2zd1gy8DMC2cgpLfeGFztH9A-m0-7-LfcSxpVnhPG_26SC2FnuK_YTvHbSoNTprh1SZLVcT-eUn4jjzFyKFwnS2UTrYDJhCHpdl_QZx6Ub8OkwUl8iXMQVF0GCb4Yc7t0m9kjjf1Pd3dJU6M0slMJHQAjVcfaT1QXAnFqBl8XaN950UgrgZ8pergmxhvzvAPrXC670TIRY9rTZF4fBGfMxyR6NAiozdd7Skf3ufeNc1AOCiWVC0RTBbykwPx3_5hEDliQ6YEf9LXCNrSF50k_GDGEx0_KBDW8imbAa_e-iwQtHe4jNvWYwum4dFBEDvZmzjdEDUSJSClY2WpEWxz3QYmzjURSG19l_2oJQAP5nxtdEG2IwIXwjPCIeS-tNPf1cJeHKejWHApPrrgsHQ-1E-BYcp2gCY-_DzWgJPWqfbjqzsTFEsjb2efMF7uezJZovr5Qt2LHn03H55DLQLRavuaYl2kQQ9UOrziqtSDhtZWekq5BGnk_0DY6itLtrl5iIagoVhDk7Q20pTNtM21Df3GewVTjr42sVWppDRRGtPE9R-SKMIYxrFIsGI7PSqyHz6XIM4Wi3c5XVPywb_PsnU0gdV5cZDg59Xo4ZVz4pVn67OrO_AwT89ZHrIqi5WssYZ_cL-uECz5dieoreCgmwHMOVtmZJ4jfra0lm9ObGXVESjKBRI4XINwfEifpWQWkuSwLWGYsfDtEVjBGd1-CGaKVD4q0E-wVr1ymU19_pVHpbwCUNIaw3UeVIqAxziNfRsnlncEtzE5MwbIIZkUbz-YS4XEthfael8QRIjrvkG6fMRXB4vxS5vv344ZKDoTVIVIe6Mb58RxQrz0T4u9s-qDPEyGauBmvDVrdFVVSR1Tkq31XbdpE6cJS6lq570busR4lOTEasMWM9wDeM11WjAvHhPR27ck5j1L3PFUIx60_BnvCTZRonBAQNw0j7RHVeMPoZbpHExtMcoF-P_WGVx-oeAFwJBO9CVbYn87E9QkQ7F1hlAohadIvaEpUb8PJic2dONyVgae3OFikUEiPxpW1geyApoDLWOCd2YyBrT5b2Sfb9FAoRpcI3tzJ_Rv9yqv0VspKoLv3_F-VtiIFDZoH4ICxbOJcJGYVg-6v-O--in9tUT5jBk2pcHjq7rnDTDt0kaGxZgiiMNB2BVGr-5IVjmXNQLbuUSAcj2rkHwIDLOCLaj_xmo1ie5PhcbzY5QsC1sKpz51HOizPUAtNZVIAxFokhyVI_8xM-Auqg4rhOHZ3Zy8N6jsIh4BDQ1eSqXFlZrnVed7Nr7-qzTD4Ea0U2tGJ-o7r8A8iQap0Z-nKF5CVioKuJ9i_LdRr-y0E6AhFjLkBPq-CaOS-51EwTamaivr6PqlIj4MpLvmW9hzWpwZKyG6Ru_0KqXIxnv5jQufIgq3vHn-K-ADVlwB1TGs74dyJviDJoAKEhpJbImWn-jKf_8coYWJEcSBEcnXTOCP2f4HMZBOrk6jqu7JBEYxarYiFHfyPRBelk8a27_QuZwa2FCz5os7hwqWHoGESvDeNmaR9hdw2IWINzEuR2L3PvNbZ1ZldGvgSoAvzf2MxKHNlY2XwBLPxvV92xw3GGtMKFZ0XCXjTcf3gJ2IBmIV5NLAe46ZLRy59bKWHB5krjHhtHgwS6aj9ZC2XJ0zzJnV-QEnGBL8cvrGys1Sp0RsErFY0dLsbXdTbnt9xQk4gOG7pwoPwYQjiA5IRYE1sHcHkrykEeNMJ0IWt3TaLJAL-YS4Ji00Ngh9tdbRyvsCJDGY3WFHZcjAKS3hm1uySmBmxMKkOgf89TVU2zYMR7kM2xoHmE_3AfypU6kNsqegEa01Uh_0y_hxfuWwbs0f0AeF27bxMJKyPyR_W-TNrya8Yf0VIEnt-eWGGgdkJswLSiWQmyndQNZuXuZLNVceKXMhkqF3URHQKNEaWIgdoY_C63pa3qRJOxwTVM6_87Wr4a__gELNbe8WgyFSourBBwalcdWxblcEt7VS0t1HPFh9ogCuF69oWdY3KU0GjqhWljY-W6aUoMvrz8ofISUpCP13ylsQ_xNCPw9wZH5M9rdcjjKGYWwFu5m04k4yxWQiyaORWmLZkmU2W6O2qbLnSV6y78wBW7fp97k9jy9GYZYD9pM-0nlpbwCZ6CY_r1z9onuNmn2VPFtzpeyMcNE3u1j47ypFYlkmAHomtWk9SBNq0ll6dmv9qqcL3gVNpUx72U-dacm8DB3lJ9ETZD0YIopCCgFlCWls-JFrpyYq9q--aqHwUwyU86GKOvBUinCe5oGFUOnw8lLpnmaOQKCiPVhKQqEbgcmRQiddwgIJlQyYql2PrqwyUHhSfg8is4bq1XbMRAIqRbTaMrOFQxlFvedjOduy-fL6u4pM-2CU58YY1LNalCoIm1XYqxAuOgTbl-AdMkgC78_6E5JwrIikDClBjFOjQlCEQ87RXEVtVhFHEcaItx6tVNq6z8APYp4u4VNTvKGQMTWycqnXNh6UrDGYKIKnMFjVCF50tgJ4OBvfmrpJlvVkXFER9bqxk7up1HiGPsnOE0JW_IdjvQ9as3AOhybHr3UBwKOkTmkcTF3l5dnz7Or-6wWcmxvOuC5TjuCZrZevPTbr14C-eX_KFcSEvqd_qJssIG536qxkCXWDgnJBG2Javegwssgwznpy-FCnExwtmFSsCfuyC23Q6Lyzp9HST9blDEGDVbhtl604Zgu_wdd1nm0S8igmu3SpiXO07qSgC_Q-xdLxMWVhfA9tNSUgCXbsUllSxZFKbDwfpUewxXDQSAkWpx1ItninOUPkJ5NiVEQoDkOzPqeU7na-BG3SFzjM9w0YMeGuzAPaArAJT-fOsSrQ1rYb3n6JEOiqMjQlRO0Zzmb4EtLD9Ma6vbJ6WO2W6ptSAX6EaXP2wBnzXWwxSTGv3pS3H9_RFYa2kl4-AzkRYu-ZH_wka6RzPsMrNayOBJC-rOa91HUFEU1d5l8ER9wveGJlwNYfODQ7D8REgU66Rzkc2hQOYX2-k30gzsHfZb32Klh5aZGwktg506k1bgScevnnyjsJJFt2ftDMcnXGZyfTgdosD3z8yHNPAOJajOfffi7aH918kJsut9y3JeuJROnpRFhYKRBjGhWykHSHSPa9dH6tJtrPhVCUtyYyPAn0TlkqYJQfrxJaKodB2Dpzb6u8hJbKHmWa3cYhDzzNf6r_dqvDYvCZXsdOSxLKWSZBy4gAbgDNCYcRfLZUA4NrzwrgEREEcATaXjXO_eZUxUaZNreH4Nl_r_U1m4pUep7p-9S5pIaMWmO_aeukKFXYI3gGNnTmd2kj3fgRN9cFBbIkbkno-9GkiwSQ0nvnqz545YVOLGCEqkO-OFhlxOIcKf9vaIw8WiUqJbW270NDNxkypn7mkpeJU0Mzaucmu-rzXYQMZEeMWA2NNyMkpI2TzHYXSkYXFZL-fhBYjldsIGoSxiRiMtnvRI0b9Kn1A0tEdkJz7FjQ9cAOlwqwUgcXLtY76scRZ46qe5pRsdarSknZVgFWre2QZH7Djz555HfPegnQosUoyCer3sG-dkUe1GYb0lTfDVxx8zx-21tfDMRXBQUkytANC9dR1d8WtZrdci75nSdakzwsiSU3PLG2HAYzRftqiN5u3qBoOnh413nYezwHEANh0byvDhEC1LbdSEvez7ZGauJPFJ_TUpWEIp-4LhlkotNAJx483mZrXjMMAFKDeO3x_BZrYsH9bHMHJLS08rsm8ydyh8-PQ-ZaSahIHTzN9-UlAT8ig00vCEe1ocNvKHnmjjzGQrbwxNBaLf3X8IEftoiCti9DcQW4HFcgSlYuh0WrEC3pZfYXdWTlDtjWuGUnFClaaeFZtcsHk7FQQNKMZcXP7lS9ev6cE4gDgBjEa_-3ztgtsx2N090X5klz9IIFDvYC66dBCKYCv_dndGrJ3l_VMV1K2HjjgcghXIcNAN9bbD9v9-cNCe8kcunCqtlrMkwPMXbZDXnV-GSmhWHmiu03QwOAMUs&pr=13%3AZ0QfMAAAAAAE9z-syRnKrKJWACapHXxDYI93xw&cid=CAQSMgCa7L7d9MVNV-6kotWytOezwDsxYXbxf63eMbVrCG53yvV4N5Nxu5XlQ1zVgAVqAXf4GAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202410070101&nel=1&rfl=https%3A%2F%2Fwww.btimesonline.com%2F&ds=l&xdt=0&iif=1&cor=3220133032078685000&adk=3788782631&idt=73&cac=0&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63a9689da7cf8d032e6a4dc84c0ba46268fde3f990f8b0dca11b49d55cf15727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 7822793166672485445
age: 3429
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 11586
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 71FF 217 KB
67 KB 38ms
38ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 12158714353530318320
age: 1820
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 07:24:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:24:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69014
x-xss-protection: 0
server: cafe

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/elements/html/ Frame 71FF 12 KB
4 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 5098607549323971572
age: 3429
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 05:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 05:57:32 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4393
x-xss-protection: 0
server: cafe

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 71FF 0
0 290ms
101ms Fetch
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstXgqxLGcsFE09wWVpCMzEWycy1czy0LwKANJUWFlJZefdgIFMDjtq4YNguU8fuICoivpzZV5aCjqNIYS6SDJWz6dbb1Bop_ozt4R4q1ae7pWgm2faukdwSjnl0pRnCdYVHtPTbdEj4tCJLMVZx91DKpPYCXo7EWOJfigN61w9F7dNBWyZaJckJxjcO-xEA5DL7BqTCd-Fw9XPfE9Np5H1E5HWCfFdsQEde6KsSUuxmywFumx5_zIjacouG63n75rwCnRVt0eB3pHVxDmpd3ewSw4z_xwAxV_-rysgzMz-GoqvRxOQ2eD5upXZxz0gKw5LO-pThO-9Z2xwiYUeJt3dJgRcKAMRFc-gGY7IPI2vNnCOLZLTwjTM_wb3rcD_AACaoGSUPDOVHAIlVDOA1PL2jNcwbABri6lOUPCDrgwbnVynJRCZzhaXd_uRq_JvRMPLXqL8MhkyPOI3iiUDmOMYySsk-q5BiZFfpZ27iYBzqaaqwsuFebwd9B3XxbUauF69bgYkm7umM3RQzdVumTBw1gpJLy0z2ng1_bvGpNCGv8_DwIt8xnIl8BEU6BZSca4ZKVdQidbvWhAbnq5bV3_o5e5HxbW05wcRLdOcsRZR-eUoMcB50xrPdSX2BINh35DRInEHnYBKIzS3De8I_qG8MLOi6NVXayi0J17RrnoMBdcef8NTqNkpBzyxV84UOBqRHMDISa-_flUl0c242hP3HGpdzFdjkv2u5VqWxCi1G4JVdZa8C0GsairiPK6-nfmNuXH-HYiICIgwRZfvaz6fsnjINTdZ5aDvmuDO_bllMvjZa9UHz_bvLY28yPB68Kb0KPnhPV9UVLIlxL-xsv87vVWx3gNe1qdM9HUl_5kREuPG-isnkke3Qy-DcXsuEDBPT7BmFZvm8k5JzrHeLZf2o41Ulpnua3am3s8NK7eR0EjIMGwSWeWwRZJfz83nj13AnmWjRkHSXGqr6WvJR0rhXJThWor5y4neBKolr4Jb0bxJN9TVy9UXYLeynHP7_LRhofBB0hHZeG6j0824YNc39b4cmQzGy8OeNct46xVchs_OkFPpMb6qhv-Ox4_Nby4ajQwwQ6pYcW3TiKAShJC3bCH4GpNi1p8803m0ZHtdi09BmqwOwGPKZvc9FqHi7En7BmnnbGcpUW9xoSqY5TRXUQxtQ8Md2SrW0_e3GZDGx7W4QNH2zhtwmcuut_CT2b2ZB5BAlJzk1iYyBTig7F4XILmTAsF9ztadgHqlRO3VyncuJsaOyFMkSw9grSk4cOvSLZmdBIHnSl9nhiuCKJpqYeAFvalSAaiqWvNy0V5jlVG7EXKFQVy2Ytq_cTh6I0WL8ANVVhxXJ5RNpn5ddx3o_UYY4buQZBei7R7sZULTzh-sjOz17xvqAmmKSPXF4bCI8R3-vYoqIwMcEOl9zPdQyFbCZ_cjjQbCg1xY4N45TfUUAhkcbFuolfMxRs-pwENr3sg7Zp48Wuk4-RHUZuxP7AG7JQWfNly8w8MIW8Y4_Jxznmh_A-QsyZ7Qe9RUCjM_AyU60ygZ-gsCy9DMopn36rXzbOGXc&sai=AMfl-YSv3nVhhzf5xmeW9pjlr-B7Qat7qzCZFsgYBDDH-pw7Txn1gEZY2yW6L26tgIkL3_oioDt_Wb9VzpG9m25q_4aoOtQG5s0VxlNbC8510UlCLIF6w5fIwm977KeqIc4M0Il-Dqsj7AF2E5dKe9yWFZIEnAediB_Cbj63durgUuQbDCn6IIM8XYgK6CPDNqPW70ZBzbvwyAl850W1qaV4NSwPxfrfmxVyAK0yqaRPT19QbB2w4uziH8UoBc7DYa79_UgppSA&sig=Cg0ArKJSzPHGEu654hJSEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9rYWx0aXJlLmNvbQ&pr=13:Z0QfMAAAAAAE9z-syRnKrKJWACapHXxDYI93xw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20241120.90774&arae=1&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/png
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"27146248":"0xb8e396e7c47b96430000000000000000","27146249":"0x7fd630fc0337a9d80000000000000000","27146250":"0x3b89c9ccffa6c0720000000000000000","27146251":"0x5abdce89082babc90000000000000000"},"debug_key":"8549264501252053743","debug_reporting":true,"destination":["https://kaltire.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"691200","filter_data":{"14":["10282830","16216036","77417125","78645514","9421885","9419374","9418747"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9848418"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10456020608737815698"}
server: cafe

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 71FF 41 KB
14 KB 36ms
34ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
age: 848
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 07:30:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:40:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13937
x-xss-protection: 0
server: sffe

GET
H2 200 17614799344976927013
s0.2mdn.net/simgad/ Frame 71FF 46 KB
46 KB 200ms
46ms Image
image/gif 2607:f8b0:4006:80d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17614799344976927013

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66033d22508575a81d53e176198e0bf9140d435e46f62eaed4d784476063dbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 232275
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 14:23:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 22 Nov 2024 14:23:26 GMT
last-modified: Mon, 04 Nov 2024 18:40:17 GMT
content-type: image/gif
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 47072
x-xss-protection: 0
server: sffe

GET
H3 200 usermatch
ssum-sec.casalemedia.com/ Frame 92A7 0
0 65ms
65ms Document
text/html 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=191306&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8e7fba936dd0ab7b-YYZ
content-encoding: br
content-type: text/html
date: Mon, 25 Nov 2024 06:54:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8YN8IPerTE9E9wFlBtwtGIMh2WdHXSSbdMa8pcE5CkAg5n14K4%2BXZuR%2FCIo%2BGgW1hGG8wMR64JlnaAwbcRrXxfQ6QfytPP87q%2Fa%2BfEib98Iwhq4NTB38syBYSOW9uSsjaBUlfB4sgNABw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H3 200 adv_vert.-adspace. Show response
fundingchoicesmessages.google.com/f/AGSKWxUq_ufnFzrUt_qIoCqqbaRdbbcKmNogMBqYd1_qLEc6sLvaZhm1j-7DuI5_labfVOFHq1c98aUZ65cxizZEcwXrWP86163jHlDklwXK0jsnOEmDrbdOt7CAwmLDA0CunTiruFzhrO5Hf7Xg7CTIUe2RXy9tX... 54 B
109 B 66ms
63ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUq_ufnFzrUt_qIoCqqbaRdbbcKmNogMBqYd1_qLEc6sLvaZhm1j-7DuI5_labfVOFHq1c98aUZ65cxizZEcwXrWP86163jHlDklwXK0jsnOEmDrbdOt7CAwmLDA0CunTiruFzhrO5Hf7Xg7CTIUe2RXy9tXXIo_ku46ifJpXzV-fugiY8a7ZY2NuZg/_/wp-ad.min./120-600-/ads/main./adv_vert.-adspace.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96b58f25e452344e7d46609ad0b3f221593f5ae969df3a7a10dd6eb183a26a4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tRCpBgFyYlFTr7KrVS2PzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQHi201XWB8DMcPXK6wcQCzEzbFx34RdbAI3Hp3IU9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAAA0d0cH"
content-security-policy: script-src 'report-sample' 'nonce-tRCpBgFyYlFTr7KrVS2PzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 37ms
34ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: br
etag: 16023549773543154165
age: 1047
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 07:37:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 25 Nov 2024 06:37:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 51
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 172ms
63ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3sbuemo-9Z1ibJ5m1VTlPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD8fGfRN2sQksWPxsAaOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAA56JhY"
content-security-policy: script-src 'report-sample' 'nonce-3sbuemo-9Z1ibJ5m1VTlPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimeso...
https://rp4.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimes...

13 B
369 B

334ms
80ms

XHR
application/json

34.193.58.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimesonline.com&c=PHRpdGxlPkJ1c2luZXNzIFRpbWVzIC0gQnVzaW5lc3MgJmFtcDsgRmluYW5jaWFsIE5ld3MsIENoaW5hICZhbXA7IEludGVybmF0aW9uYWwgQnJlYWtpbmcgTmV3czwvdGl0bGU-PGgxIHN0eWxlPSJkaXNwbGF5Om5vbmU7Ij5CdXNpbmVzcyBUaW1lcyAtIEJ1c2luZXNzICZhbXA7IEZpbmFuY2lhbCBOZXdzLCBDaGluYSAmYW1wOyBJbnRlcm5hdGlvbmFsIEJyZWFraW5nIE5ld3M8L2gxPg&pv=433a0b7f-382f-4e9b-bf1b-b4a321836a95&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjoxMw%3D%3D
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Server: 34.193.58.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-58-216.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

x-pixel-event-id: 76dde9cb-b7cc-4037-a0cd-cafecae42e77
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/json

Redirect headers

access-control-max-age: 86400
access-control-expose-headers: *
location: https://rp4.liadm.com/j?dtstmp=1732517681194&did=did-004d&se=e30&duid=9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5&tv=v3.5.0&pu=https%3A%2F%2Fwww.btimesonline.com%2F&wpn=lc-bundle&wpv=v3.5.0&cd=.btimesonline.com&c=PHRpdGxlPkJ1c2luZXNzIFRpbWVzIC0gQnVzaW5lc3MgJmFtcDsgRmluYW5jaWFsIE5ld3MsIENoaW5hICZhbXA7IEludGVybmF0aW9uYWwgQnJlYWtpbmcgTmV3czwvdGl0bGU-PGgxIHN0eWxlPSJkaXNwbGF5Om5vbmU7Ij5CdXNpbmVzcyBUaW1lcyAtIEJ1c2luZXNzICZhbXA7IEZpbmFuY2lhbCBOZXdzLCBDaGluYSAmYW1wOyBJbnRlcm5hdGlvbmFsIEJyZWFraW5nIE5ld3M8L2gxPg&pv=433a0b7f-382f-4e9b-bf1b-b4a321836a95&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjoxMw%3D%3D
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
date: Mon, 25 Nov 2024 06:54:41 GMT

GET
H2 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4E14 0
0 184ms
53ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:40:33 GMT
expires: Mon, 25 Nov 2024 07:30:33 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 0
0 56ms
54ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71FF 42 B
65 B 51ms
51ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 0
0 48ms
48ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 119ms
116ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys4&c=m3woamn6&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Ad%20Loaded!srt!0!sts!280!siv!0!sol!1!)&x=-hikdsk
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba952a050fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 131ms
129ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys5&c=m3woamn6&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Meta!saction!safeFrame%20not%20detected!srt!0!sts!280!siv!0!sol!1!)&x=2zrk93
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba952a060fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 129ms
127ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys6&c=m3woamn7&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Ad%20Started!srt!0!sts!280!siv!0!sol!1!)&x=hcz4ci
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba952a070fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 71FF 0
0 74ms
73ms Fetch
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstXgqxLGcsFE09wWVpCMzEWycy1czy0LwKANJUWFlJZefdgIFMDjtq4YNguU8fuICoivpzZV5aCjqNIYS6SDJWz6dbb1Bop_ozt4R4q1ae7pWgm2faukdwSjnl0pRnCdYVHtPTbdEj4tCJLMVZx91DKpPYCXo7EWOJfigN61w9F7dNBWyZaJckJxjcO-xEA5DL7BqTCd-Fw9XPfE9Np5H1E5HWCfFdsQEde6KsSUuxmywFumx5_zIjacouG63n75rwCnRVt0eB3pHVxDmpd3ewSw4z_xwAxV_-rysgzMz-GoqvRxOQ2eD5upXZxz0gKw5LO-pThO-9Z2xwiYUeJt3dJgRcKAMRFc-gGY7IPI2vNnCOLZLTwjTM_wb3rcD_AACaoGSUPDOVHAIlVDOA1PL2jNcwbABri6lOUPCDrgwbnVynJRCZzhaXd_uRq_JvRMPLXqL8MhkyPOI3iiUDmOMYySsk-q5BiZFfpZ27iYBzqaaqwsuFebwd9B3XxbUauF69bgYkm7umM3RQzdVumTBw1gpJLy0z2ng1_bvGpNCGv8_DwIt8xnIl8BEU6BZSca4ZKVdQidbvWhAbnq5bV3_o5e5HxbW05wcRLdOcsRZR-eUoMcB50xrPdSX2BINh35DRInEHnYBKIzS3De8I_qG8MLOi6NVXayi0J17RrnoMBdcef8NTqNkpBzyxV84UOBqRHMDISa-_flUl0c242hP3HGpdzFdjkv2u5VqWxCi1G4JVdZa8C0GsairiPK6-nfmNuXH-HYiICIgwRZfvaz6fsnjINTdZ5aDvmuDO_bllMvjZa9UHz_bvLY28yPB68Kb0KPnhPV9UVLIlxL-xsv87vVWx3gNe1qdM9HUl_5kREuPG-isnkke3Qy-DcXsuEDBPT7BmFZvm8k5JzrHeLZf2o41Ulpnua3am3s8NK7eR0EjIMGwSWeWwRZJfz83nj13AnmWjRkHSXGqr6WvJR0rhXJThWor5y4neBKolr4Jb0bxJN9TVy9UXYLeynHP7_LRhofBB0hHZeG6j0824YNc39b4cmQzGy8OeNct46xVchs_OkFPpMb6qhv-Ox4_Nby4ajQwwQ6pYcW3TiKAShJC3bCH4GpNi1p8803m0ZHtdi09BmqwOwGPKZvc9FqHi7En7BmnnbGcpUW9xoSqY5TRXUQxtQ8Md2SrW0_e3GZDGx7W4QNH2zhtwmcuut_CT2b2ZB5BAlJzk1iYyBTig7F4XILmTAsF9ztadgHqlRO3VyncuJsaOyFMkSw9grSk4cOvSLZmdBIHnSl9nhiuCKJpqYeAFvalSAaiqWvNy0V5jlVG7EXKFQVy2Ytq_cTh6I0WL8ANVVhxXJ5RNpn5ddx3o_UYY4buQZBei7R7sZULTzh-sjOz17xvqAmmKSPXF4bCI8R3-vYoqIwMcEOl9zPdQyFbCZ_cjjQbCg1xY4N45TfUUAhkcbFuolfMxRs-pwENr3sg7Zp48Wuk4-RHUZuxP7AG7JQWfNly8w8MIW8Y4_Jxznmh_A-QsyZ7Qe9RUCjM_AyU60ygZ-gsCy9DMopn36rXzbOGXc&sai=AMfl-YSv3nVhhzf5xmeW9pjlr-B7Qat7qzCZFsgYBDDH-pw7Txn1gEZY2yW6L26tgIkL3_oioDt_Wb9VzpG9m25q_4aoOtQG5s0VxlNbC8510UlCLIF6w5fIwm977KeqIc4M0Il-Dqsj7AF2E5dKe9yWFZIEnAediB_Cbj63durgUuQbDCn6IIM8XYgK6CPDNqPW70ZBzbvwyAl850W1qaV4NSwPxfrfmxVyAK0yqaRPT19QbB2w4uziH8UoBc7DYa79_UgppSA&sig=Cg0ArKJSzPHGEu654hJSEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9rYWx0aXJlLmNvbQ&pr=13:Z0QfMAAAAAAE9z-syRnKrKJWACapHXxDYI93xw&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=292&vt=11&dtpt=288&dett=2&cstd=0&cisv=r20241120.90774&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:41 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: image/png
attribution-reporting-register-source: {"aggregation_keys":{"27146248":"0xb8e396e7c47b96430000000000000000","27146249":"0x7fd630fc0337a9d80000000000000000","27146250":"0x3b89c9ccffa6c0720000000000000000","27146251":"0x5abdce89082babc90000000000000000"},"debug_key":"10654480690762958971","debug_reporting":true,"destination":["https://kaltire.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"691200","filter_data":{"14":["10282830","16216036","77417125","78645514","9421885","9419374","9418747"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9848418"]},"max_event_level_reports":2,"priority":"0","source_event_id":"13167392344326848998"}
server: cafe

GET
DATA 200
OK truncated
/ Frame 32CF 77 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9fad15b366ee27ce9ab15c6ae8df3a111f4a7c41b2b8213106e1e40024088f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 32CF 91 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf6740c4e4afaa51cebf7e04330a5e56d5007367884977ed52ea519512c29a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 32CF 115 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 094151af99195a780122ee68b6707484a5a397c0553b62402f8dbe5f460b4a6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 32CF 68 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3560355268d0d186399ff32b7f93c530fd277218134613af66d30c83d38bf57a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 32CF 93 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aba311b69f0b9f52727cdbe465868a06104b4833f9e0abcd8a3258051475b1d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 132ms
131ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys7&c=m3woamom&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Ad%20Rendered!srt!0!sts!414!siv!0!sol!1!)&x=y3252j
Requested by: Host: blank
URL: about:blank
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba957a2b0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 32CF 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e620de1ad67546033292af0ab94a1326fd77a9ee5b439ed060bcd71d1e7c6f97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 32CF 46 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a894012dfc39a34f29b428f7ee2e96d128d1c10cb40267c0fbfdb6098fbee45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
70ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3YezBEERuKwiPevZYp17QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxAxfr7ByALEQD8fGfRN2sQmsaLr9n1HJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAB9FJlI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3YezBEERuKwiPevZYp17QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
73ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tcoNiSdqwnQKz6VzjyLmPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBicEqfwRoCxAxfr7ByALEQD8fGfRN2sQk8WLa8kUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAAAvAJgY"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tcoNiSdqwnQKz6VzjyLmPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
73ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlwsnssDJY3MY6SrDJfKAAd44fXA-nEyHGwheqwCmt51qzhryCa0OZCFlNocvpWR8eV83lBtDFZOKWFmbeIvSAqqr0-e77XfQj5U2rhOC1Tox9Zlf05kZeV-Frx1OuxZXDVOagOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZqGYb3sloMkLo2EM7EHFWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxAxfr7ByALEQD8fGfRN2sQl86DvZyKTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAwNDS31DEzjCwwAD4omFw"
content-security-policy: script-src 'report-sample' 'nonce-ZqGYb3sloMkLo2EM7EHFWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVRWS7zI1amNRe5D5cIFGjb821HY9-XEwOpUKIYlWqb4VIVxBMgVDaSPpJqbAEblGLqZrhZiLpVdJBMKOTQ819qpv52Oc6dIUk5mYjGdI0Zs89J4-DweBprOEVZnlVSUn27ViwQPQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
77ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVRWS7zI1amNRe5D5cIFGjb821HY9-XEwOpUKIYlWqb4VIVxBMgVDaSPpJqbAEblGLqZrhZiLpVdJBMKOTQ819qpv52Oc6dIUk5mYjGdI0Zs89J4-DweBprOEVZnlVSUn27ViwQPQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTE3NjgxLDUwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYnRpbWVzb25saW5lLmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ab6e393c1a0f2c21619e02e10063abcc6ea2b0ed5092b8ab6322e5b7cb33e47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mLp41Hp-YHG5J7lTTKHNhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAeLbTVdYHwMxw9crrBxALMTDsXHfhF1sAi_mX2xjUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxNDS01DMwjC8wAABAf0Hh"
content-security-policy: script-src 'report-sample' 'nonce-mLp41Hp-YHG5J7lTTKHNhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 32CF
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/2184108/81709832/skeleton.js?ias_advId=${ACCOUNT_ID}&ias_creativeId=0&ias_campId=9059957&ias_placementId=9160212&adsafe_par&ias_impId=545556141584809984&cus...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

62ms
58ms

Script
application/javascript

2600:9000:247b:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 2600:9000:247b:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
age: 18393
x-cache: Hit from cloudfront
x-amz-cf-id: y-H1JJwE8xN4R-nclakp4Ps6SQZqsvq6ynIbNYpI59GoU1IAoKHvxw==
date: Mon, 25 Nov 2024 01:48:09 GMT
content-type: application/javascript
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 19f6dea8d52f4770f090ce0929599570.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: no-cache
location: https://static.adsafeprotected.com/skeleton.js
content-length: 0
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:41 GMT
pragma: no-cache
server: Apache-Coyote/1.1

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 90B0 91 KB
23 KB 45ms
43ms Script
application/javascript 2600:9000:247b:5400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
age: 18392
x-cache: Hit from cloudfront
x-amz-cf-id: ZESgQHFW27iGSi9tnzxbDUIGgvxh6iEwSvvjdlVo3vgVIY62egei9A==
date: Mon, 25 Nov 2024 01:48:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 19f6dea8d52f4770f090ce0929599570.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 v1
pixel.quantserve.com/ias/ Frame 32CF 0
102 B 43ms
41ms Image
text/plain 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/ias/v1?r=[cachebuster]&labels=_ias.measurable&iid=545556141584809984&a=p-y6Nyh2U0YDhwK&cid=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&bid=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&gdpr=[gdpr]&gdpr_consent=[gdpr_consent]

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Mon, 25 Nov 2024 06:54:41 GMT
strict-transport-security: max-age=86400
cache-control: private, no-store, proxy-revalidate

GET
H2 200 /
pixel.adsafeprotected.com/ Frame 32CF 43 B
197 B 109ms
108ms Image
image/gif 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/?anId=926884&advId=quantcast&campId=onMeasurable&impId=545556141584809984&custom=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&custom2=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&custom3=p-y6Nyh2U0YDhwK
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:41 GMT
pragma: no-cache
content-type: image/gif
server: Apache-Coyote/1.1

POST
H3 204 AGSKWxX1Qs_UqIcl_yq8TyBLM34j8d3j12yLInV8mdh3vSV1WUpm8vgnfxK-FdfBEEtRp7PzRFK2oeL-HVCcFuTpOcb36OljwOMCKoXHEQgyN7_9TaMclslutKW-_H6kL8nZ_ExJW8euZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 82ms
80ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1Qs_UqIcl_yq8TyBLM34j8d3j12yLInV8mdh3vSV1WUpm8vgnfxK-FdfBEEtRp7PzRFK2oeL-HVCcFuTpOcb36OljwOMCKoXHEQgyN7_9TaMclslutKW-_H6kL8nZ_ExJW8euZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sa3jwlQzTbbMtAnelRE-Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.btimesonline.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BicEqfwRoCxAxfr7ByALEQD8fGfRN2sQl0nPp6i0nJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAACwOJno"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Sa3jwlQzTbbMtAnelRE-Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.btimesonline.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 331ms
96ms Image
image/gif 2600:1f13:800:7781:6056:61c2:f314:9e75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=bf260958-3f8f-b78c-5ac4-93fa4788eb73&tv=%7Bc:v1stKB,pingTime:-2,time:625,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:345,beZ:347,mfA:834,cmA:836,inA:836,inZ:841,prA:841,prZ:850,si:859,poA:860,poZ:887,cmZ:887,mfZ:887,loA:953,loZ:957,ltA:969,ltZ:969,mdA:348,mdZ:639%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:88,vs:i,r:,w:300,h:250,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:625,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:513,wc:30.30.1600.1200,ac:30.980.300.250,am:i,cc:30.980.300.250,piv:88,obst:0,th:0,reas:,bkn:%7Bpiv:%5B132~75%5D,as:%5B132~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uv7tCZm+11%7C12%7C13%7C14%7C15%7C16111%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.2184108-81709832%7C1j1%7C1j2%7C1j3,idMap:1i*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:CANVAS.qs,siq:514,slid:%5BIL_SR_RESULT_CONTENT,IL_SR_AD_AREA,d_IL_INSEARCH%5D,msd:0,ph:6562,sinceFw:108,readyFired:true%7D&br=c
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f13:800:7781:6056:61c2:f314:9e75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
server: nginx
x-server-name: dt03.or.303net.net

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8E1 42 B
65 B 54ms
52ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshJxCtIYvWvnT7X8EMw4qmGt0mF3QGEq0sAc1YOgIV8d4rqnds4xR11sNQapTsYvRTJ4sOZ6KIfZApKeK_K8LqvLvwANJNuzknHeL5lbrOMK5bnUdZaL-jqq2GaRxt8X1XKq1kmXb9kZvT_fKBJSZgz9Wk_7VwVR18u74Dm2-xsDz9XLmEfUMVF2SF83wFOBpmEQ&sig=Cg0ArKJSzE2ryqi_cW8mEAE&id=lidar2&mcvt=1001&p=1142,236,1232,964&tm=1169.8999996185303&tu=169.10000038146973&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20241120&bin=7&avms=nio&bs=1600,1200&mc=0.64&vu=1&app=0&itpl=3&adk=1336461009&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2845048000&rst=1732517680302&rpt=415&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 25 Nov 2024 06:54:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 dcl.htm Show response
rt3021.infolinks.com/action/ 0
62 B 71ms
70ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/dcl.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&prod_t=d&sdata=apple&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba96ee79a250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 269ms
95ms Image
image/gif 2600:1f13:800:7781:6056:61c2:f314:9e75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=bf260958-3f8f-b78c-5ac4-93fa4788eb73&tv=%7Bc:v1stLB,time:687,type:e,sca:%7Beng:b,tss:%7Blts:2024-11-2422.54.41,tzo:480,tzn:America/Vancouver%7D,exr:%7Bexs:objectExternal%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:687,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:513,wc:30.30.1600.1200,ac:30.980.300.250,am:i,cc:30.980.300.250,piv:88,obst:0,th:0,reas:,bkn:%7Bpiv:%5B194~75%5D,as:%5B194~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uv7tCZm+11%7C12%7C13%7C14%7C15%7C16111%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.2184108-81709832%7C1j1%7C1j2%7C1j3,idMap:1i*,rmeas:1,rend:1,renddet:CANVAS.qs,siq:514,msd:0,ph:6562,sis:683%7D&br=c
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f13:800:7781:6056:61c2:f314:9e75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:41 GMT
content-type: image/gif
server: nginx
x-server-name: dt18.or.303net.net

GET
H2 200 dcl.htm Show response
rt3021.infolinks.com/action/ 0
63 B 89ms
81ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3021.infolinks.com/action/dcl.htm?rid=6dff43e5-279e-4c24-ba2a-c3e13328b05c&prod_t=f&sdata=king&bdc=2&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1970.003-4.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e7fba99cffda250-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: text/html;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 89ms
70ms Image
image/gif 2600:1f13:800:7781:6056:61c2:f314:9e75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=bf260958-3f8f-b78c-5ac4-93fa4788eb73&tv=%7Bc:v1stTR,pingTime:-10,time:1199,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NDgwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzEuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1732517682251%7C%7C600b1f8003e89913631293609cb56504%7C%7Ca11f5da7336cfe2e2fd950a3d968fdb0%7C%7Cc01ee6c5238a4ec3035add57e3ef96ee%7C%7Ce1994ce4ee62de719d8d63833b3a888b%7C%7C9958adf2a64aa5ee4c701acd6c41936f%7C%7C0d15002fb39a0a9cabb9ef98900c3721%7C%7Cb7387c646d970945fea22301066838b5%7C%7C1715618633%7D
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f13:800:7781:6056:61c2:f314:9e75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
server: nginx
x-server-name: dt04.or.303net.net

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71FF 42 B
65 B 51ms
51ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnb5ir73T2ncd6oBFRCHE_fOtaTSOfsGyjuRFs8embdWI7DZ_EKFscQTAsLTQ4KHxFq6gfT9F0tissZJlyS0z5qJW0cipSGPD1rGSW5RN7MjW842tR-C5YfMW6OkUznev24Q-uQbFjMBZYBOjSWv4&sig=Cg0ArKJSzM-iKIX010WlEAE&id=lidar2&mcvt=1007&p=0,0,600,160&tm=1242.5&tu=236&mtos=343,1007,1007,1007,1007&tos=343,664,0,0,0&v=20241120&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2845048101&rst=1732517680764&rpt=685&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 25 Nov 2024 06:54:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 82ms
80ms Image
image/gif 2600:1f13:800:7781:6056:61c2:f314:9e75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=bf260958-3f8f-b78c-5ac4-93fa4788eb73&tv=%7Bc:v1su0v,pingTime:1,time:1611,type:p,clog:%5B%7Bpiv:88,vs:i,r:,w:300,h:250,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1611,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:513,wc:30.30.1600.1200,ac:30.980.300.250,am:i,cc:30.980.300.250,piv:88,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1118~75%5D,as:%5B1118~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:114,fm:uv7tCZm+11%7C12%7C13%7C14%7C15%7C16111%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.2184108-81709832%7C1j1%7C1j2%7C1j3,idMap:1i*,rmeas:1,rend:1,renddet:CANVAS.qs,siq:514,msd:0,ph:6562,sis:683%7D&br=c
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f13:800:7781:6056:61c2:f314:9e75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
server: nginx
x-server-name: dt07.or.303net.net

GET
H2 204 v1
pixel.quantserve.com/ias/ Frame 32CF 0
102 B 41ms
40ms Image
text/plain 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/ias/v1?r=[cachebuster]&labels=_ias.viewable&iid=545556141584809984&a=p-y6Nyh2U0YDhwK&cid=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&bid=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&gdpr=[gdpr]&gdpr_consent=[gdpr_consent]

Requested by

Host: www.btimesonline.com
URL: https://www.btimesonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Mon, 25 Nov 2024 06:54:42 GMT
strict-transport-security: max-age=86400
cache-control: private, no-store, proxy-revalidate

GET
H2 200 /
pixel.adsafeprotected.com/ Frame 32CF 43 B
197 B 61ms
60ms Image
image/gif 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/?anId=926884&advId=quantcast&campId=onInViewMRC&impId=545556141584809984&custom=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&custom2=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&custom3=p-y6Nyh2U0YDhwK
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:42 GMT
pragma: no-cache
content-type: image/gif
server: Apache-Coyote/1.1

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 125ms
124ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys8&c=m3woanlt&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Ad%20is%20in%20view!srt!1!sts!1675!siv!1!sol!1!)&x=-622w7j
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba9cfeb60fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 124ms
123ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys9&c=m3woanlu&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Paging!saction!Page%20seen%20%5BFirst%20media%5D!srt!0!sts!399!siv!0!sol!1!)&x=-scjfhz
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba9cfeb70fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 135ms
135ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuysa&c=m3woanlu&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Framework!saction!Ad%20revealed!srt!0!sts!1183!siv!0!sol!1!)&x=xw569p
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba9cfeb80fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
214 B 133ms
132ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuysb&c=m3woanpg&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Paging!saction!Auto%20Page%20seen%20%5BSecond%20media%5D!srt!125!sts!1799!siv!1!sol!1!)&x=-jbrv41
Requested by: Host: www.btimesonline.com
URL: https://www.btimesonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fba9dbf0c0fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:42 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71FF 0
20 B 50ms
50ms Ping
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=130472989684&version=m202410070101&ct=76&x=13&cor=3220133032078685000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 25 Nov 2024 06:54:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 183ms
65ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3214604be59dc42e18984b4886f816030f27dfc2606b44fae53c0719a914dc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13104
date: Mon, 25 Nov 2024 06:54:43 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 favicon.ico
cdn.btimesonline.com/static/common/_v2.0.1/images/ 9 KB
10 KB 34ms
33ms Other
image/vnd.microsoft.icon 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.btimesonline.com/static/common/_v2.0.1/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2fc0436c16faeef7959f60cc405022281d7c429c25fe0cd2513afbbd23338c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: public, max-age=864000
etag: "25be-5a18fde160980"
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 9662
date: Mon, 25 Nov 2024 06:54:43 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 24 Mar 2020 01:42:41 GMT
x-azure-ref: 20241125T065443Z-r1d48674995qtf95hC1YMQzxfn00000005pg0000000097dk
x-frame-options: SAMEORIGIN

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 232ms
73ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js?osttc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 06:54:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 06:54:43 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 547F 0
0 209ms
60ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:51:23 GMT
expires: Mon, 25 Nov 2024 07:41:23 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame C1C6 0
0 201ms
59ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RHGjkSCn_zgDofpexgZ0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.btimesonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RHGjkSCn_zgDofpexgZ0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Nov 2024 06:54:43 GMT
expires: Mon, 25 Nov 2024 06:54:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 80ms
80ms Image
image/gif 2600:1f13:800:7781:6056:61c2:f314:9e75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=2184108&asId=bf260958-3f8f-b78c-5ac4-93fa4788eb73&tv=%7Bc:v1sv33,pingTime:5,time:5613,type:p,clog:%5B%7Bpiv:88,vs:i,r:,w:300,h:250,t:513%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5613,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:513,wc:30.30.1600.1200,ac:30.980.300.250,am:i,cc:30.980.300.250,piv:88,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5120~75%5D,as:%5B5120~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:88,fm:uv7tCZm+11%7C12%7C13%7C14%7C15%7C16111%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.2184108-81709832%7C1j1%7C1j2%7C1j3,idMap:1i*,rmeas:1,rend:1,renddet:CANVAS.qs,siq:514,msd:0,ph:6562,sis:683%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f13:800:7781:6056:61c2:f314:9e75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.btimesonline.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Mon, 25 Nov 2024 06:54:46 GMT
content-type: image/gif
server: nginx
x-server-name: dt04.or.303net.net

GET
H3 200 csc-event
analytics.adcanvas.com/ Frame 32CF 37 B
215 B 124ms
123ms Image
image/gif 2606:4700:4400::6812:25cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.adcanvas.com/csc-event?p=0%3Am3woamcx%3A3hcmr46bVg7cYu5tWMnHFEp9tgfV7VeF&s=0%3Am3woamcx%3AwazZQQDIVNRM7uLNXTySHXYV4TkvYtsw&v=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuys&t=eventParameters&a=qU1tZUApy0e2&e=0%3AJNn4yzyFz9118487nxzHbgmQs3DYAuysc&c=m3woaqqy&n=f&f=f&l=about%3Ablank&r=https%3A%2F%2Fwww.btimesonline.com%2F&i=18g&j=xc&k=1&w=8c&h=6y&u=(scategory!Paging!saction!Auto%20Page%20seen%20%5BThird%20media%5D!srt!4069!sts!5743!siv!1!sol!1!)&x=dgr829
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:25cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
etag: "666ab23d-25"
cf-ray: 8e7fbab66d770fa8-EWR
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
date: Mon, 25 Nov 2024 06:54:46 GMT
content-type: image/gif
last-modified: Thu, 13 Jun 2024 08:47:57 GMT
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: datacdn.btimesonline.com
URL: https://datacdn.btimesonline.com/data/thumbs/full/123573/106/64/50/40/farther-lower.jpg

Domain: datacdn.btimesonline.com
URL: https://datacdn.btimesonline.com/data/thumbs/full/129329/370/222/50/40/terrified-king-charles-already-sees-prince-harry-as-emotionally-unstable-and-volatile-prior-to-royal-rift.jpg

Domain: datacdn.btimesonline.com
URL: https://datacdn.btimesonline.com/data/thumbs/full/129070/370/222/50/40/donald-trump.png

Domain: datacdn.btimesonline.com
URL: https://datacdn.btimesonline.com/data/thumbs/full/129304/370/222/50/40/u-s-and-global-anti-doping-agencies-clash-over-undercover-tactics.jpg

Domain: datacdn.btimesonline.com
URL: https://datacdn.btimesonline.com/data/thumbs/full/129914/119/80/50/40/iran-activates-advanced-centrifuges-after-iaea-censure-threatens-npt-exit.jpg

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTA8FaRwmJ7qE1HKmSCvQwmH3FaMbq_eoIyVhqlPUVcIFiYoZOoH3_l6WDM7Kma08cMCNE1LX--KRrMILEb2EQv45tXyg

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmWIH61bH6Mqu-uUMnPEb-2WpeKpdar5F1HWJZNALxLrXajcJiKzgKTQ8oQlqWAt4Xat2NGMEn3eNbEkKbCMrbuX6pog

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7BdtlZZ5XlITZ2VcuxYwNtSH5JRbzIBjXyM0wjcDgBeURDRrMhOo8cfdUwjNPs9Wq2bPb5sYP7PRCUSN6BjsysiJ35g

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROV89urZ4nXEQBf073HmfS8-BwNhG_B4CqnhdAYIyhdGHxpTBi8HVLDTsk7mlRi0HxB7_uT3QzyBTKd7N6MCa_n_7Ncw

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFI61sBTWaM_Mr4KWUIiN6A71Ec9QSzVeMzkFUuT7Gn5jV6cnWiE1NbIDssQ8LdzawkrvFezqME1-lyjiMX9L8EKCkCw

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/535.json

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=3907910928481&bg=!-Pul-7TNAAaIaF9IqGg7ADQBe5WfOIynpHwnMnSXkOOekI-XDqM9sE3QbL5ZnMOv0nMIgfOzmMUVxbCb8kHVR7FsQJjGAgAAAHZSAAAAA2gBB34ANn0XulkW8ox4loKIDu0B0jzUPS1kyh9-bwIUJQpzwqHhK5zaK1Mfx3e3sL-5u5CAhnnzS3Cf65kCkF-eeh6eQ3D-vlV6b0ydII_ObkvCV8VO_WlZabVmIRC-eLu1nFgXF6iN1YCEGaZs5n2g3emjoI-v8JyZy0TFQ3U0rnX5uuMrU1W16airHKBaOp5uVF8QHpUAykpa0R5UN29kWMYj9PDV_-MuzIYDWFq5eH_G4erCTtFbDEO3s3TQC_6rIT_QUXh6p5MIef_io9OTIedQKPxv45dywfPPFhR6BBLv9KLpGlnrdErS2wCN6Vj7RJnCzwR06LqgX9TJX6vThxp8kpqDfB8anqP-fBerxoV4oMFRiOxONNIJG-fCl7QFzoroXN3EMCOruw3m-SlPQVptSuue-ILKt-LFmFlTJmk1nVWjMo28wWmuxxrIjHOEWJ4G_9DZMDQwICaKbS9NXtxzHsAdGn09bhKYiLQ5RmiGAhMPlsQyG8UE4N5jzaAGQzPcyXqsUyefHc7CSRuoUqXeU0w95l8l2twx6dQedB8KUVxUvW9Jx4U5xZWOhUxDc2Rs7CRMUMsuS1FPtwCPRECLbq5wc2KkPxhxVOSWPDCiXeutgKdjF8ufNbN7QYAezYQKyprYvKS-lbcSVsDBS_2Kseuw8E73LUqRdQrb5ecRHbZdka_Hb_CXNkNEtdBi5PFBGaQdHauzT6RaYK3vA-oodlwko596H6c1y73nOMbbDumhzpMQ6Hsh5jB5Va2n9bk1scVJftcl2w1ml6jLhNgNUGSdsi02pi2hL_Ey1kq8aamWQOfmhYwuHgTUxE95K6VOviAWOrmOS_QTjXIax4D3lXJKd-FuJ3ttVJvnR2IvHPBwvN-kjos97xFhC8dwlb4EWV_mjqV2stm4mT47cgRzdt5SXMgUIJ0nvxJvpK2bTXKIzntzdlefMRF_

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

161 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 03:24:53	Name: pid Value: 2863399386314333900
.liadm.com/j	1970-01-21 10:51:17	Name: lidid Value: ebd86fa0-6eda-4dbc-a7bd-ca176698dc7e
www.btimesonline.com/	1970-01-21 01:25:22	Name: pm_a_b_test_indicator Value: 0.9462052556502005
www.btimesonline.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: c28083e9-22dc-41fb-99a1-8ecdfbacebe3
.infolinks.com/	1970-01-21 10:51:17	Name: cuid Value: 793acad7-aea6-4421-991b-d40ca6c2cb15
.pxl.iqm.com/	1970-01-21 01:58:29	Name: infolink Value: MTczMzcyNzI3OTkyNA==
.pxl.iqm.com/	1970-01-21 01:36:53	Name: iqm.retarget.uid Value: acbd0d45-dd79-44db-84fd-b6483daa5c9a
.3lift.com/	1970-01-21 03:24:53	Name: tluidp Value: 4217300107463019605309
.3lift.com/	1970-01-21 03:24:53	Name: tluid Value: 4217300107463019605309
.intentiq.com/	1970-01-21 10:51:17	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 10:51:17	Name: intentIQ Value: npBofoQFvH
.sharethrough.com/	1970-01-21 01:58:29	Name: stx_user_id Value: 09ae07ac-4800-4a2f-9e73-959fd9f8b65f
.adnxs.com/	1970-01-21 10:51:17	Name: receive-cookie-deprecation Value: 1
.infolinks.com/	1970-01-21 03:24:53	Name: IQMUS Value: acbd0d45-dd79-44db-84fd-b6483daa5c9a
.pubmatic.com/	1970-01-21 01:16:44	Name: KTPCACOOKIE Value: YES
.btimesonline.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .btimesonline.com
.infolinks.com/	1970-01-21 03:24:53	Name: OXUSERCOOKIE Value: 8fce9f28-e9ac-444d-aef5-871653e3fc87
.intentiq.com/	1970-01-21 10:51:17	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 10:51:17	Name: intentIQCDate Value: 1732517680106
.pubmatic.com/	1970-01-21 03:24:53	Name: SyncRTB4 Value: 1733702400%3A220
.pubmatic.com/	1970-01-21 10:00:53	Name: KADUSERCOOKIE Value: 6E1942DE-86D6-4057-97B4-D69097F8658E
.infolinks.com/	1970-01-21 03:24:53	Name: R1USERCOOKIE Value: OPTOUT
.infolinks.com/	1970-01-21 03:24:53	Name: EQVSERCOOKIE Value: 2863399386314333900
.infolinks.com/	1970-01-21 03:24:53	Name: SHTUSERCOOKIE Value: 09ae07ac-4800-4a2f-9e73-959fd9f8b65f
.infolinks.com/	1970-01-21 03:24:53	Name: TPLSERCOOKIE Value: 4217300107463019605309
.33across.com/	1970-01-21 10:00:53	Name: check Value: true
.btimesonline.com/	1970-01-21 10:51:17	Name: _lc2_fpi Value: 9f1e706a1e4b--01jdh1kn1x5yabyk2235n1rng5
.btimesonline.com/	1970-01-21 10:36:53	Name: __gads Value: ID=56c8d6d8c914d720:T=1732517680:RT=1732517680:S=ALNI_Mb0T9INUMffXwFwc6FCAT4DzpY3LQ
.btimesonline.com/	1970-01-21 10:36:53	Name: __gpi Value: UID=00000f9e3bdd6147:T=1732517680:RT=1732517680:S=ALNI_MY-4oxjH2TG8gzcD7KAVEF8kU4C1w
.btimesonline.com/	1970-01-21 05:34:29	Name: __eoi Value: ID=9fe19ef26c769c43:T=1732517680:RT=1732517680:S=AA-AfjbezBHSmb4iOGZKobiIYuFc
.go.sonobi.com/	1970-01-21 10:00:53	Name: __uis Value: 265fd673-12de-4488-9a02-f12e529026d8
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85147\|Z0QfM
.infolinks.com/	1970-01-21 03:24:53	Name: SONOBIUSERCOOKIE Value: 265fd673-12de-4488-9a02-f12e529026d8
.tapad.com/	1970-01-21 02:41:41	Name: TapAd_TS Value: 1732517680268
.tapad.com/	1970-01-21 02:41:41	Name: TapAd_DID Value: ba27e106-03d5-4d04-a3f0-e723e190bc3c
.adkernel.com/	1969-12-31 23:59:59	Name: SSPR_3 Value: aHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vcW9yYS11c3luYz91aWQ9QTI4NzA1MDI2NTk3OTYwMTg2NTM=
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_3 Value: 336050
.casalemedia.com/	1970-01-21 10:00:53	Name: CMID Value: Z0QfMNHM56AAAA8YBTiDGwAA
.casalemedia.com/	1970-01-21 03:24:53	Name: CMPS Value: 5679
.casalemedia.com/	1970-01-21 03:24:53	Name: CMPRO Value: 5679
.doubleclick.net/	1970-01-21 10:51:17	Name: IDE Value: AHWqTUmrCqiiA13lBWpkhOh04DmiZdm7NC5u4ah_Ve3WGjQvKmEhcLl4tO7wfzDxBLk
.360yield.com/	1970-01-21 03:24:53	Name: tuuid Value: 932c216b-ba20-4ed1-8795-d09a2a8724c1
.360yield.com/	1970-01-21 03:24:53	Name: tuuid_lu Value: 1732517680
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_37 Value: 7b318323-2845-32d5-a121-bf65c7162a71
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_44 Value: M3WO5MG0-C-F47E
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_46 Value: 3350679481050283943
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_49 Value: AQAGEBDWuOsD4gJmbAFxAQEBAQEBAQCSYxdIIAEBAJJjF0gg
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_50 Value: 86596ee5-a1fd-4752-8f70-1c177b8cb810
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_61 Value: 212894043211339
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_62 Value: 3755186377034979000V10
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_64 Value: U-WHgrTJyGhvZOdItdg79hjP7yOfogLI
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_7 Value: e0dab0cc-7377-4cdd-b661-2912f4db4be9
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uidp_76 Value: RX-ce7d9019-9ce1-4c6b-9b6c-7bbd0694c5a4-005
.technoratimedia.com/	1970-01-21 01:19:36	Name: tads_uidp_77 Value: c62B44vQ9zwLXM1XAjM1yd5VPTpSceCbTuE1dVePalo
.technoratimedia.com/	1970-01-21 01:19:36	Name: tads_uidp_79 Value: fc79a8eb-867d-41c1-b9c6-82bb37b6edf6
.technoratimedia.com/	1970-01-21 01:19:36	Name: tads_uidp_82 Value: Z0QeQ9HM578AABpQBYMoAgAA&5710
.technoratimedia.com/	1970-01-21 01:19:36	Name: tads_uidp_88 Value: 3345292130371583734930
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uid Value: 2C71167EEB6147AA8DCE52E95AA25E80
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_uid_cd Value: 20241124013857+0000
.technoratimedia.com/	1970-01-21 10:51:17	Name: tads_zora Value: 2
.adkernel.com/	1970-01-21 01:58:29	Name: ADKUID Value: A4654690827171194088
.lijit.com/	1970-01-21 10:00:53	Name: ljt_reader Value: JuXeALZHKH1KLWZLTtyOHzuv
.media.net/	1970-01-21 10:00:53	Name: visitor-id Value: 3755192807034996000V10
.media.net/	1970-01-21 03:24:53	Name: data-inf Value: setstatuscode~~41
.contextweb.com/	1970-01-21 09:53:41	Name: V Value: GsP3EXnz0qSG
.contextweb.com/	1970-01-21 09:53:41	Name: VP Value: part_GsP3EXnz0qSG
.contextweb.com/	1970-01-21 10:00:53	Name: pb_rtb_ev Value: 3-1uyp\|8vA.0.1
.contextweb.com/	1970-01-21 10:00:53	Name: pb_rtb_ev_part Value: 3-1uyp\|8vA.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1e4f3fad4bc8d6fc
.liadm.com/	1970-01-21 10:51:17	Name: lidid Value: ebd86fa0-6eda-4dbc-a7bd-ca176698dc7e
.infolinks.com/	1970-01-21 03:24:53	Name: FRWHUSERCOOKIE Value: ea9a93e8dfa057cc4b482c73e626e19
.admanmedia.com/	1970-01-21 01:35:25	Name: admtr Value: fa19fc51-2dba-40f5-a753-d5d47c2f3641
.admanmedia.com/	1970-01-21 01:35:25	Name: ac_r Value: CS310
.infolinks.com/	1970-01-21 03:24:53	Name: URUSERCOOKIE Value: OPTOUT
.emxdgt.com/	1970-01-21 03:24:53	Name: uid Value: 47481732517680529080ba
.ads.oveeo.com/	1970-01-21 03:29:12	Name: vmuid Value: eda56d2ed590bf21
.onetag-sys.com/	1970-01-21 10:45:04	Name: OTP Value: QA86a3BHRsAoFvrL818Bz3A5uShWQHQBtEmGKFsWWzA
.infolinks.com/	1970-01-21 03:24:53	Name: PLPOUSERCOOKIE Value: GsP3EXnz0qSG
.infolinks.com/	1970-01-21 03:24:53	Name: IMDSUC Value: 2C71167EEB6147AA8DCE52E95AA25E80
.serverbid.com/	1970-01-21 01:36:53	Name: CONSUMABLEID Value: ee93d55da3e64c5093d55da3e68c5002
.quantserve.com/	1970-01-21 10:45:32	Name: mc Value: 67441f30-8de06-91cec-9bc34
.quantserve.com/	1970-01-21 03:24:53	Name: sp Value: CgkI7ugGEgMQ_Q0=
.infolinks.com/	1970-01-21 03:24:53	Name: IXUSERCOOKIE Value: Z0QfMNHM56AAAA8YBTiDGwAA&5679
.infolinks.com/	1970-01-21 03:24:53	Name: MNETUSERCOOKIE Value: 3755192807034996000V10
.infolinks.com/	1970-01-21 03:24:53	Name: KADUSERCOOKIE Value: 6E1942DE-86D6-4057-97B4-D69097F8658E~1732525456585
.infolinks.com/	1970-01-21 03:24:53	Name: ILLUUC Value: fa19fc51-2dba-40f5-a753-d5d47c2f3641
.infolinks.com/	1970-01-21 03:24:53	Name: IMDUSERCOOKIE Value: 932c216b-ba20-4ed1-8795-d09a2a8724c1
.infolinks.com/	1970-01-21 03:24:53	Name: OVEUS Value: eda56d2ed590bf21
.inmobi.com/	1970-01-21 10:00:53	Name: TEST-COOKIE Value: YES
.pubmatic.com/	1970-01-21 03:24:53	Name: KRTBCOOKIE_80 Value: 22987-CAESEKAic7tL7bi3R0lkel7GNZ4&KRTB&16514-CAESEKAic7tL7bi3R0lkel7GNZ4&KRTB&23025-CAESEKAic7tL7bi3R0lkel7GNZ4&KRTB&23386-CAESEKAic7tL7bi3R0lkel7GNZ4
.pubmatic.com/	1970-01-21 01:58:29	Name: PugT Value: 1732517680
.mgid.com/	1970-01-21 01:35:27	Name: lmg_usr Value: e35e17c5-4817-47dd-a6db-3db52e486d88
.mgid.com/	1970-01-21 01:35:27	Name: lmg_r Value: 13
.infolinks.com/	1970-01-21 03:24:53	Name: SOVRNUSERCOOKIE Value: JuXeALZHKH1KLWZLTtyOHzuv
.infolinks.com/	1970-01-21 03:24:53	Name: CONSUSERCOOKIE Value: ee93d55da3e64c5093d55da3e68c5002
.infolinks.com/	1970-01-21 03:24:53	Name: QCUSERCOOKIE Value: HufBDBm2xggF6JFdGObYARmzkFsF6ZdbG-Ra1YgC
.infolinks.com/	1970-01-21 03:24:53	Name: OTUSERCOOKIE Value: WmSBORr20zD6asPq_zDGcqJvxu--cF6aUxMeQDumnKg
.adsrvr.org/	1970-01-21 10:00:53	Name: TDID Value: c0b4cce1-8776-46f4-aef3-aa64b95810cc
.inmobi.com/	1970-01-21 10:00:53	Name: iid Value: ID5-5-6d9a28d2-07bc-4855-8f47-a603bc4eb437
.pubmatic.com/	1970-01-21 01:16:44	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-21 03:24:53	Name: chkChromeAb67Sec Value: 3
.infolinks.com/	1970-01-21 01:35:27	Name: MGIDUSERCOOKIE Value: e35e17c5-4817-47dd-a6db-3db52e486d88
.colossusssp.com/	1970-01-21 10:00:53	Name: gtm_usr Value: 014c0234-2f36-42a9-b48c-c64238eb3351
.colossusssp.com/	1970-01-21 10:00:53	Name: lmg_r Value: 99
.pubmatic.com/	1970-01-21 01:58:29	Name: SPugT Value: 1732517680
.csync.loopme.me/	1970-01-21 03:27:46	Name: viewer_token Value: 9017f440-1e5a-4f60-814e-851973436071
.infolinks.com/	1970-01-21 03:24:53	Name: INMUSC Value: ID5-5-6d9a28d2-07bc-4855-8f47-a603bc4eb437
.ingage.tech/	1970-01-21 01:15:25	Name: instUid Value: 63b23066-e251-4555-b56e-7baeabaefaba
.ingage.tech/	1970-01-21 01:15:19	Name: __cf_bm Value: T2Dysb15rNigoS50KBy9ojb.A0RuKcxLX.QMs6_EePw-1732517680-1.0.1.1-VVyPjnQobPqzgBVi6TiBvSXfdi1UWb_EylnOJWNziXMHVRP_huv1KkZnotG14JAtpcZuz9T_k5aYuxbR4fjCuw
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.infolinks.com/	1970-01-21 03:24:53	Name: COLSUC Value: 014c0234-2f36-42a9-b48c-c64238eb3351
.33across.com/	1970-01-21 10:00:53	Name: 33x_ps Value: u%3D212893678131116%3As1%3D1732517680825%3Ats%3D1732517680825
.infolinks.com/	1970-01-21 03:24:53	Name: PUBMUSERCOOKIE Value: 6E1942DE-86D6-4057-97B4-D69097F8658E
.rfihub.com/	1970-01-21 10:36:53	Name: rud Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzsjQxNza1MDYyNhLiM9T1D9M1yzcOTnMLzTYBAOc92u8lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzsjQxNza1MDYyNhLiM9T1D9M1yzcOTnMLzTYBAOc92u8lAAAA
.rfihub.com/	1970-01-21 10:36:53	Name: eud Value: H4sIAAAAAAAA_1slzmtobmxkamhuZmFgYW4JACctpUoQAAAA
.infolinks.com/	1970-01-21 03:24:53	Name: LOPMUSERCOOKIE Value: 9017f440-1e5a-4f60-814e-851973436071
.infolinks.com/	1970-01-21 03:24:53	Name: INSTUC Value: 63b23066-e251-4555-b56e-7baeabaefaba
.disqus.com/	1970-01-21 10:00:53	Name: zeta-ssp-user-id Value: ua-66c06b4f-9940-35ac-b625-e93132c67b60
.e-planning.net/	1970-01-21 10:51:17	Name: E Value: AN2zDhOGbHyHfcis
.infolinks.com/	1970-01-21 03:24:53	Name: 33AUSERCOOKIE Value: 212893678131116
.infolinks.com/	1970-01-21 03:24:53	Name: ZTUSERCOOKIE Value: 2809753629473583232
.infolinks.com/	1970-01-21 03:24:53	Name: TAUSERCOOKIE Value: ba27e106-03d5-4d04-a3f0-e723e190bc3c
.infolinks.com/	1970-01-21 03:24:53	Name: EPUSERCOOKIE Value: AN2zDhOGbHyHfcis
.doubleclick.net/	1970-01-21 05:34:29	Name: APC Value: AfxxVi4fyWflVmPrE_EIRRPMy3rtbcZAs12e3XRvZbGTPK63HOkILw
.doubleclick.net/	1970-01-21 05:34:29	Name: receive-cookie-deprecation Value: 1
.tapad.com/	1970-01-21 02:41:41	Name: TapAd_3WAY_SYNCS Value: 1!7926
.adkernel.com/	1969-12-31 23:59:59	Name: SSPR_40 Value: aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9MjcmYnV5ZXJ1aWQ9QTQ2NTQ2OTA4MjcxNzExOTQwODgmcj1DaWQxWVMwMk5tTXdObUkwWmkwNU9UUXdMVE0xWVdNdFlqWXlOUzFsT1RNeE16SmpOamRpTmpBcVVtaDBkSEJ6T2k4dmNtOTFkR1Z5TG1sdVptOXNhVzVyY3k1amIyMHZaSGx1TDJScGMzVnpQM1ZwWkQxMVlTMDJObU13Tm1JMFppMDVPVFF3TFRNMVlXTXRZall5TlMxbE9UTXhNekpqTmpkaU5qQXlBaHNPT0FFPQ==
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 176971
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_40 Value: 649146
.doubleclick.net/	1970-01-21 01:58:29	Name: ar_debug Value: 1
.sitescout.com/	1970-01-21 10:00:53	Name: ssi Value: 305b20f5-ac6d-4f0a-9fbd-19858c1f2fc5#1732517681433
.sitescout.com/	1970-01-21 01:58:29	Name: _ssuma Value: eyIyNCI6MTczMjUxNzY4MTUwNiwiMzkiOjE3MzI1MTc2ODE1MDYsIjciOjE3MzI1MTc2ODE1MDZ9
.mediago.io/	1970-01-21 10:00:53	Name: __mguid_ Value: e94ce74f277f57f42j5b2f00m3woamp1
.demdex.net/	1970-01-21 05:34:29	Name: demdex Value: 31218667541115230780252338436153719230
.amazon-adsystem.com/	1970-01-21 06:29:12	Name: ad-id Value: A1lqq5HbKEi4qsSoZfepO4M
.amazon-adsystem.com/	1970-01-21 10:51:17	Name: ad-privacy Value: 0
.btimesonline.com/	1970-01-21 10:00:53	Name: FCNEC Value: %5B%5B%22AKsRol_bI0kEsOqgOnHpROVt2KoYOHdAhABBy742bMtdJMOOKKRIU6MN1_oZdIbWVDGsaureRckcTZSpFBF5-aovMplSVGivd0vcPeeQ9enMawXY8bM34QRdEEryHhSrlrdayJznMSfl1Bfqu2RG_mUD0E8snY0b4w%3D%3D%22%5D%5D
.dpm.demdex.net/	1970-01-21 05:34:29	Name: dpm Value: 31218667541115230780252338436153719230
.bttrack.com/	1970-01-21 03:24:53	Name: GLOBALID Value: 2uKlc8-sIBd987FnX3y_HOWEe3AEXyyH83A45QzLI0NwQDpriI5G04Cy42aqnvdVImr2_yE3yZQC4TM1
.rubiconproject.com/	1970-01-21 10:00:53	Name: khaos Value: M3WOAMVZ-4-1O70
.rubiconproject.com/	1970-01-21 10:00:53	Name: khaos_p Value: M3WOAMVZ-4-1O70
.adsrvr.org/	1970-01-21 10:00:53	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjo6f-WgsrGPRAFEhUKBmNhc2FsZRILCK7jxpmCysY9EAUSFgoHcnViaWNvbhILCKr645-CysY9EAUYASADKAIyCwiu4ILEmMrGPRAFOAFaBXRhcGFkYAI.
.crwdcntrl.net/	1970-01-21 07:44:02	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 07:44:02	Name: _cc_id Value: e1dcb2365c67c2b946f74033f586369
.crwdcntrl.net/	1970-01-21 07:44:05	Name: _cc_cc Value: "ACZ4nGOQTzVMSU4yMjYzTTYzTzZKsjQxSzM3MTA2TjO1MDM2s2QAgnQXeUMGBAAANdwJJg%3D%3D"
.crwdcntrl.net/	1970-01-21 07:44:05	Name: _cc_aud Value: "ABR4nGNgYGBId5E3ZIADAAy3APw%3D"
.rubiconproject.com/	1970-01-21 03:24:53	Name: receive-cookie-deprecation Value: 1
.infolinks.com/	1970-01-21 03:24:53	Name: RBCUSERCOOKIE Value: M3WOAMVZ-4-1O70
.linkedin.com/	1970-01-21 10:00:53	Name: bcookie Value: "v=2&1463f3a5-ca4d-4cf4-865b-e3b22ea109b6"
.linkedin.com/	1970-01-21 05:34:29	Name: li_gc Value: MTswOzE3MzI1MTc2ODI7MjswMjFLn0Tb2LSrQ5tjNOel0Po/4n7glVAwNxIXMSAiAj53zQ==
.linkedin.com/	1970-01-21 01:16:44	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3414:u=1:x=1:i=1732517682:t=1732604082:v=2:sig=AQE7LnU2wHkyS7MlvnFx6Tof6NQ9JT_k"
.bidr.io/	1970-01-21 10:43:47	Name: bito Value: AAHpVU7OiD4AABgPrnmxlw
.bidr.io/	1970-01-21 10:43:47	Name: bitoIsSecure Value: ok
.yahoo.com/	1970-01-21 10:01:15	Name: A3 Value: d=AQABBDIfRGcCEMe2EbkiPv0RJ1e8AICjdTQFEgEBAQFwRWdOZwAAAAAA_eMAAA&S=AQAAArnqzCyV70z0rOAoMeQTM0M
.rubiconproject.com/	1970-01-21 10:00:53	Name: audit_p Value: 1\|oavL8xdUACt0lcDvJGN5kqzDSN/mcB6ihakLZrJ0MU6byR+hvQt5L6YgzyPxhQ7HSWQTnZPVutEiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.rubiconproject.com/	1970-01-21 10:00:53	Name: audit Value: 1\|oavL8xdUACt0lcDvJGN5kqzDSN/mcB6ihakLZrJ0MU6byR+hvQt5L6YgzyPxhQ7HSWQTnZPVutEiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.primis.tech/	1970-01-21 01:51:17	Name: csuuid Value: 67441f32c84fb
.lijit.com/	1970-01-21 10:00:53	Name: _ljtrtb_80 Value: M3WOAMVZ-4-1O70
.intentiq.com/	1970-01-21 10:51:17	Name: CSDT Value: UEQ6MTUxMDZfMCZVVjdUZFZpIzE1MzI0XzAmVVY3VGNrOA
.intentiq.com/	1970-01-21 10:51:17	Name: IQPData Value: 2785070349#1732517683057#0#1732517680106

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://resources.infolinks.com/js/1970.003-4.011/in_search.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://resources.infolinks.com/js/1970.003-4.011/in_frame.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://z.moatads.com/quantcastv2691176990399/moatad.js#moatClientLevel1=p-y6Nyh2U0YDhwK&moatClientLevel2=qfm&moatClientLevel3=b3250fcd-94c7-400d-a2a6-7ea121b78ec8&moatClientLevel4=0db7da09-48fe-4f9a-a403-b8a4a6ba0d62&uid=tPpl6batZrqvrDS257M37LCqLu3jrGKi4a1mvrGtMbfgrjbs_Kw6vfyvWsZucg== Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
rendering	warning	URL: about:blank Message: [GroupMarkerNotSet(crbug.com/242999)!:A04000066C1E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://www.btimesonline.com/ Message: Access to XMLHttpRequest at 'https://id5-sync.com/g/v2/535.json' from origin 'https://www.btimesonline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://id5-sync.com/g/v2/535.json Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

96489a2c2a9ad550b591b4d6e7a95ecb.safeframe.googlesyndication.com
a5637.casalemedia.com
ad.doubleclick.net
analytics.adcanvas.com
api.intentiq.com
cdn-ima.33across.com
cdn.btimesonline.com
content.quantcount.com
d-code.liadm.com
datacdn.btimesonline.com
dt.adsafeprotected.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
exch.quantcount.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
in.getclicky.com
lb.eu-1-id5-sync.com
lexicon.33across.com
media.adcanvas.com
pagead2.googlesyndication.com
pixel-ssn.quantcount.com
pixel.adsafeprotected.com
pixel.quantcount.com
pixel.quantserve.com
resources.infolinks.com
router.infolinks.com
rp.liadm.com
rp4.liadm.com
rt3021.infolinks.com
s0.2mdn.net
s3.tradingview.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.getclicky.com
sync.intentiq.com
tpc.googlesyndication.com
unpkg.com
www.btimesonline.com
www.google.com
www.googletagservices.com
www.tradingview-widget.com
z.moatads.com
datacdn.btimesonline.com
ep1.adtrafficquality.google
id5-sync.com
www.google.com
104.18.26.193
104.18.28.101
13.226.34.99
138.91.226.25
141.95.33.120
142.250.65.198
172.66.41.9
172.66.42.247
18.238.49.74
192.184.68.228
209.204.229.80
23.51.58.26
2600:1f13:800:7781:6056:61c2:f314:9e75
2600:1f18:730:b130:6a2e:9644:9d1:f0f2
2600:9000:2141:d800:1c:2afd:fb00:93a1
2600:9000:247b:5400:8:48e:53c0:93a1
2600:9000:2840:1800:1b:6b7d:2300:93a1
2606:4700:4400::6812:25cf
2606:4700::6810:e1f0
2606:4700::6811:f6cb
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2006
2607:f8b0:4006:80e::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::200e
2620:116:800b:21:a021:b886:81cc:55cf
2620:116:800b:21:b08a:1dc5:659b:4055
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:bdf::40
2a02:6ea0:c454::1
3.221.57.175
34.193.58.216
35.244.193.51
52.73.131.229
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05e1f9f91de1ef95a9342e1334773712a3974dcf67dc96bed52c3beb22807b91
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
05ef2582859808f502fd9305963527f1c3ad45e6905a45d567a128ffa67796a2
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
094151af99195a780122ee68b6707484a5a397c0553b62402f8dbe5f460b4a6a
0aa24a01b9433cc569a55203b2ddbc4d7c25166a1ce1b76ee83b87a49c7e315f
0ab6e393c1a0f2c21619e02e10063abcc6ea2b0ed5092b8ab6322e5b7cb33e47
0cf6740c4e4afaa51cebf7e04330a5e56d5007367884977ed52ea519512c29a2
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0ddba0922a45957701891711e9f25d998cb23fc853271bba573dc0bc96dc64fc
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d
127a5df75234fb0e1152ef43d505b2951c82f33f71a06cf2c6abb96732fd3e8d
133ecdae6e58daf3ad8c6f3126caec528fb1cde6478346c37b0d8373485d11e2
14bc0af75865d9421446cb13184b9e124710c8c67ac0c1187cc18f1b08441a0c
16ea4d9b470482e5cf209a66fa223974fab62906f0859fbc1555fc82ac7e2d48
186bcc05f5b870b7654a13f0263704082b3fbbce560aed44cdcb1b948cc1a081
197a1bf68209a8821076b92800d377e2f176962471038db202b55a1e5869fd3c
1af4226844b0d44966810101dd4306d26114f256e179dddaf1ea210c99f695ee
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
2283e9267edd8f78bf73bdb238aff08823b6e58593bcaec0138c93fc8041af58
250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d
25a0fbe6722f46cbac080ea242360d25828b9cdc634105af1e1b0a5b49c67c09
27d53e5ecb8ce0db8c7699670da9dfdbb18661c869c250648e880c46d2dfa018
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9
2aaaf8171a701189f4fd0e480156dec1d2c5856cf81f3d24756faf431f061a1f
2fc0436c16faeef7959f60cc405022281d7c429c25fe0cd2513afbbd23338c22
3190d521e2af2986503394c423d289e53d53965dcd6ca6595d36d76a0fafb29a
3214604be59dc42e18984b4886f816030f27dfc2606b44fae53c0719a914dc89
32ff625a498b91fca847f692e883069e75034c59847d4daa22050cc5d9976dfa
330af96a4be10f64e6554c25c437ca8bfa379552887565535144eba67d28303a
3560355268d0d186399ff32b7f93c530fd277218134613af66d30c83d38bf57a
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
3b28a6339fd05794b5f04baa18295ac71dc6cc99304adf62327793564ac82366
3be6b19e3cb1f7b0a781973aedf6611bdc4b50d2ef0caaec34b61714d2a17b9d
3be7a25cd1088b2e516fcda725c417dc6acbef02b77423e4b178ddacc12c4ca5
3ddcda92e5d4aad31f570eac6729253a7bff47dd69a09896b8468d93341e4a55
3e194a03e320afda119786a142797e1823140ab2f8558c771329dae572364301
3eba7a304007b0f76d3bddee25e0d7b3e7e6947da7d7aff77bf17995c672358f
4206b3946e97ae57792d994c29f277ec12e6cfa043f9fc46d8ab7ed1996c9a86
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
49beb3cf1a0e841ef59c2a948018cb7b50435fa0910d7c98f46a74b853ca8562
4a059b8eeb772a50435eb517b600f8e3c98688cb03b741d60fd33308f65ec421
4a894012dfc39a34f29b428f7ee2e96d128d1c10cb40267c0fbfdb6098fbee45
4dfe0963bad966c1d1421d0a24c25bbfb7253ca481df4147cd5adb42f5d0d1d4
50413da2813556d9b988747639dff3a0174d15eab37ba2a680153412b7129eeb
51c506717ecb4851d11f652abd558d74176d875e7ba8ffb6808d62f84df05890
52cffae81b3ccf41a12d6099b6ab8e205275bce418c8ec20a5e4b826350c0f12
594d1b9f9e71babbb9cd32cd0dff40b5be08c3b9333f0ae1f44476e6ff31a4d7
597a805493b978f26f68bc716e50fdb0ad6ade4cc7e2e486fb05658107cdd23e
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5d8d147b199a8beafa8b04ca62c324c95dea1669ce15882b3de183682a1a8c05
6105da26d83e4a8f430191acd5c5d15db8540279a4a08f6075f40234df56e270
61415cfd0290ede87a2fa8bd8dad8b4f4ef04f05c3ad590fcd1f11a297df774e
618ecda038710d0c086d23ba55f4e348e90824f0df05482980f4922a6831651a
63a9689da7cf8d032e6a4dc84c0ba46268fde3f990f8b0dca11b49d55cf15727
6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553
66033d22508575a81d53e176198e0bf9140d435e46f62eaed4d784476063dbe8
6c35480989c6c93f20e96bd236b3e7882ce0c0ee049a49f454223a3dd3680e93
6d8a5ab37c434762e02d67b453d56d4bca7d4472f90957afad78f764042a9c72
6e73ac1aab0225fdd479b4cdfc0c2542306b9204a640347b0b27ad38a6326da9
72416b4586eaaba37f1914180fb89e6e6696762ff8221fc5c460d6c0accbd2e3
74d12b26a6735ac2ecff94107f2b6e0ff2f451a7f6ab494251bc3991d11f23c5
756fe023306e11da3ae176e5fef4d20f40438a4b48dc8ae6fa7173c458b0d32b
766c3439f344d25bf4e05390b8e864fc2592cbe8696f9799d0c66c7aca4bf28b
77286fe495961a84896891eaa6d0a0362adcfb3766caf55e1448ad55d66e277d
791c3d1384e7390a8a560168651e4bf79d4ee906ab2a7951da9b8c3eb2c3d050
81a5de2317089c54e96d5b2c5a8107f774ec981e822b7eb9aaf0b1448a991418
824250a997f305f02452f189ef9ff91a066fecc2551c0624836cfc033d4039d1
8429ce86bafc3a22ba5436b930e276c4f6a0ab691ee3444648980c4c2274ab10
86751bd24ab09f1eea1d360463a73021fa37719d2918fb96480f37fc6e84cb2b
8d1df41dafdc363341e9ec774163c4aa95f0808140fcbc1f8c42574c6ac84436
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
8db5420b2a938235cfe6c7a76d514721fb5999912db7aed705620c848a498879
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91
9104fdd2b94094aa418ecb5fa9bd1bd3f119be1c7fd7747a3f91edede9ee5996
9162832cc3ed9507d8f869dd0d4fd0dacde05a078172d82a98b05e0aef1f1a34
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92e2e930b525ee731efb1934e31bb0febf29b4df8f2f50887b8a7a218d760f23
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
9492fbc76fed045b1a2af52e1053c97199ff76f1e3fc4e2e1bdc36d318230f8c
953346c7651b5a2c180049708aad09ec457716bf62e0f64256365a36f9348fb8
962808cfd3c1c02d18d101ff28b912f06a4ba7809f1f2bb7e54c22912613d200
96b58f25e452344e7d46609ad0b3f221593f5ae969df3a7a10dd6eb183a26a4b
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
9970196d4556b329f03aea66cc72c05c884b21112d5065a67568f505586c838e
9a76a639d637e399b87ab07182a4c89b14021c5fe6d6314e5b37f59f94032282
a065dea64a7ef50e7dee1156eb94bacf09e0b5e7f6fb37c51b8c3e96a7301759
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3e360dae8b6889e5b7572b4f781ee7519c4f7a5076e36ed2cd7335d562009
a3c6972644eaf712e1478a85836b3730ab7500df9f695fd31acd1d26718b624a
a48f61544d9c68406c1113477c39e9fbe43588e081d792cdd5c097babc205720
a5a628bc985210918a628179365e51cc9c281c7e756169306931834fef74d760
a7bb783f4efc4ea8b8f1e92aa3b91b6296686f5ecd02c3402a3aff653e5714cd
aa938226e6eddc96da5a52d7a9aba85c6b4eed0e56ad1ca66fd8f5ee8bb0acd1
aba311b69f0b9f52727cdbe465868a06104b4833f9e0abcd8a3258051475b1d6
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
aee0d01202c426494bc76a931bd5395e1f6f55b140f9aca38616aa5645d1613f
af31eeaf585dcb946cb1a78eb02626c1c7e1b603568031ec880e29c81cdd4d10
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1884e952b422942fde5d5d4b86d928a385f454c96cc95306db7c00b75c756df
b1e51adc221d952b9c4cbe505ef8746af1807be1538fcb7e69696eff522c7d39
b251749e04ba1d0a4dcd53781ebf83415823829c9f36ee5102372f98ab40d8a2
b356d52b386d479a2c429e80bdefb8997ec43275fc6532f26d1e90a124168830
b3a6fd34d8c6fd988158f99379bde3b5f0a20ebc3fa8c04e78eddb9574d49726
b4bc8415f36e80f8baa9f1431c6cab31d52d8195dc2ab938362249d058ca493e
b7fb38c6c48622f00fac04ca1f1378b1bcd321b176f9286b26ad142e6707b2d9
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
ba8b3932dbf9da5b3796e86987a42289bfd94dae25b7cd95f844df6ab518fcdb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c016ae81681aa024b9f246d58196402fa80d99d08402ebd00fef802803ea366b
c195ea4da5963c79a0a135688ef7b16f724a80048bc4c460f7b967d5c6ece678
c353208f8905170fd926a52de793e7dedb9e3c6079d1e6be1681fca8cbe8f2c7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45b8299310eeae315c57e77386c4a2ded3c1d50d6c8ecc6ac8a533bd94ea221
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c582a4eeb59692c7bc63ca6d0bf107bcef0bfb474d04411d18df29f5aeee1cb8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc259e56f86bfe8da892c5a6301b262b2ecde56fbdbac1de00e59b99472bf85f
ceaa44eeb19087512e344e76f00242bc4c631fa6bfba94d7e343ff0c7a180e1b
d08a73bfa46d6d9f303d0deef9923ba20785ee644722f49d2bdf296b30f24b2c
d3457614398b40b4c94d0de11b4bb00ad65942eb56746a5cf35d995d6e394cd1
d8609f646da0eb30343e20f60e45a27d45f275e90399982458a854c58010dfec
d91b9bfbc1fb22b5a847bc3c78c0eebb088b19d06c485d1a5bfc844d1367d382
da9f1425aef53002506431cf0313f39a55dbdf30629db0b8fdfdfe85c08b0fa2
db691e7b19d5fe304c6b01c4cc4a11e17082e81dbb3a0dca34cce24ed2443b3c
dd2d36f2b48bce7913b5a6624f56c7c903fe231853bf56e9b390d06891ace197
de02d09cd2185b8303b66937156b15062f79b7d5e5b2cc6af21972ea299a8eca
e1f4ef7827fde3f068ae7647827a144bc3099f32bc0474dc576fbfbfc0fa5304
e37e2bf3051ee04d768a7ae7874dce7176d43294e4935fe4dee6c24bd8bcf32c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e620de1ad67546033292af0ab94a1326fd77a9ee5b439ed060bcd71d1e7c6f97
e9a1e173c5d22953b14b81ab7c2ea27688c2dd35090b29654db2b2d4d5134645
eaa5885f1d8816f4f31ec2abdb1139bb97dfcb83687a6af734e1499352d12cd8
ebb1affa1eae0a237a753a3ecb1a72cf275a5a592d734614726bc85255d46626
ec09d5c9109ac007e730e19c240d8d11f8364d34a6e057aa316c8115cc200364
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef865186ee223fb4cac8311f1028985ecc8c519836731e605048daa4cadde850
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f18b692d9e7a5c3928d40b78ee05061055859dece03dba97dc35aca876f95f25
f3ba91fdeaf4fe0c9cbd9bbc3c67008a63e811a6f475996e8d60d8e801c276f7
f3e72d7afabac1453d62986ca12915c3c3bce0369dc918ce57814042515e46d1
f3f8458e0537b01f6c4832d01053e9391a6d3d247bdd2e38c4877c3252e03275
f9fad15b366ee27ce9ab15c6ae8df3a111f4a7c41b2b8213106e1e40024088f6
fbba9fc7ade6d9d4d782f4d656f7e412a71382f37683a9f0bda868312d00c3e8
fc395d0d7d7b75e2194c1c837592ecedd6980fa6b6dee7225bab5b8979aca1de
fd07e88139a8399bdf2e98f108b6d62134223974ef1fd72050e0c2028fe3e00d
fd174a6e8ff96849b1cfde7775f547a90e23450980ffcef02650cf9d42872c68
fdfa5618d1b43e123fa394f1f52a20379ff4eabca85c9db42852842ae869fff5
fed0f7c8efe71167979b3dbda13df93ad82e01d3a5b2898b7e1604f14cf0a3ab
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.btimesonline.com Open in urlscan Pro 138.91.226.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

254 Requests

92 %HTTPS

63 %IPv6

25 Domains

49 Subdomains

42 IPs

4 Countries

5581 kBTransfer

13219 kBSize

161 Cookies

2 Outgoing links

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.btimesonline.com Open in urlscan Pro
138.91.226.25 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

92 %
HTTPS

63 %
IPv6

25
Domains

49
Subdomains

42
IPs

4
Countries

5581 kB
Transfer

13219 kB
Size

161
Cookies

254 HTTP transactions
14 data transactions