urlscan.io logo urlscan.io
SecurityTrails logo

www.visiontimes.com Open in urlscan Pro
2606:4700:20::681a:2e4  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Submission: On May 15 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 8 countries across 76 domains to perform 308 HTTP transactions. The main IP is 2606:4700:20::681a:2e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.visiontimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 14th 2023. Valid for: a year.
This is the only time www.visiontimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:24f... 16509 (AMAZON-02)
31 146.75.36.157 54113 (FASTLY)
13 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2600:9000:251... 16509 (AMAZON-02)
3 108.156.164.236 16509 (AMAZON-02)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 74.119.119.139 19750 (AS-CRITEO)
1 5 162.19.138.116 16276 (OVH)
1 2 52.4.80.63 14618 (AMAZON-AES)
5 104.244.42.200 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 216.22.16.1 30633 (LEASEWEB-...)
2 3 68.67.160.75 29990 (ASN-APPNEX)
1 142.251.40.98 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 108.156.180.227 16509 (AMAZON-02)
13 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 44.210.31.106 14618 (AMAZON-AES)
2 103.231.212.226 18229 (CTRLS-AS-...)
8 35.241.34.106 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 23.54.68.197 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 8.28.7.81 62713 (AS-PUBMATIC)
1 2607:f8b0:400... 15169 (GOOGLE)
3 21 209.54.182.161 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 199.38.167.131 54312 (ROCKETFUEL)
7 8.28.7.83 62713 (AS-PUBMATIC)
7 7 54.236.114.111 14618 (AMAZON-AES)
9 14 173.194.210.157 15169 (GOOGLE)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 199.187.193.181 47043 (SMARTADSE...)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 2 74.121.140.211 30419 (MEDIAMATH...)
2 16 162.248.18.37 62713 (AS-PUBMATIC)
2 2 173.231.178.115 32475 (SINGLEHOP...)
2 2 2620:116:800b... 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
1 74.119.119.150 19750 (AS-CRITEO)
3 3 54.221.166.70 14618 (AMAZON-AES)
2 2 3.215.81.226 14618 (AMAZON-AES)
1 2 18.233.122.89 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.153.92 15169 (GOOGLE)
1 1 69.90.254.78 13768 (COGECO-PEER1)
3 34.149.40.38 15169 (GOOGLE)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
7 7 35.71.131.137 16509 (AMAZON-02)
2 3 52.223.22.214 16509 (AMAZON-02)
1 2 34.193.215.195 14618 (AMAZON-AES)
2 2 34.171.234.26 396982 (GOOGLE-CL...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
3 3 34.200.65.202 14618 (AMAZON-AES)
2 8.28.7.84 62713 (AS-PUBMATIC)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
6 6 2606:ae80:145... 25751 (VALUECLICK)
1 1 44.212.188.189 14618 (AMAZON-AES)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 44.208.128.231 14618 (AMAZON-AES)
1 2 38.68.201.140 174 (COGENT-174)
3 3 207.198.113.89 13768 (COGECO-PEER1)
1 3.225.4.30 14618 (AMAZON-AES)
2 2 185.167.164.37 198622 (ADFORM)
2 2606:2800:220... 15133 (EDGECAST)
1 1 2600:9000:24f... 16509 (AMAZON-02)
1 51.222.39.185 16276 (OVH)
3 11 192.40.39.223 27381 (CASALE-MEDIA)
1 1 199.187.193.179 47043 (SMARTADSE...)
1 1 20.127.253.7 8075 (MICROSOFT...)
4 9 3.212.38.37 14618 (AMAZON-AES)
1 34.224.47.217 14618 (AMAZON-AES)
1 5 104.127.172.242 16625 (AKAMAI-AS)
1 1 63.251.86.49 32475 (SINGLEHOP...)
1 6 63.251.86.50 32475 (SINGLEHOP...)
1 2a04:4e42::485 54113 (FASTLY)
1 2620:100:a001::4 19750 (AS-CRITEO)
4 2a04:4e42:46:... 54113 (FASTLY)
3 3.214.100.121 14618 (AMAZON-AES)
2 2 68.67.160.137 29990 (ASN-APPNEX)
8 12 8.43.72.97 26667 (RUBICONPR...)
1 1 141.226.224.48 200478 (TABOOLA-AS)
2 2 50.31.142.31 23352 (SERVERCEN...)
1 1 104.76.100.229 16625 (AKAMAI-AS)
1 1 54.157.170.29 14618 (AMAZON-AES)
1 34.96.105.8 396982 (GOOGLE-CL...)
4 2600:9000:210... 16509 (AMAZON-02)
24 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.39.36.142 26667 (RUBICONPR...)
1 54.239.38.253 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
308 74
31    2606:4700:20::681a:2e4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.visiontimes.com
img.visiontimes.com
3    2600:9000:24f7:c200:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdki.truepush.com
31    146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)
platform.twitter.com
13    2607:f8b0:400c:c13::9b (Charleston, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2606:4700:20::ac43:48db (United States)

ASN13335 (CLOUDFLARENET, US)
intothebid.com
1    2600:9000:24f7:7400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2607:f8b0:400c:c18::61 (Charleston, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2600:9000:2511:b000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
3    108.156.164.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-164-236.cmh68.r.cloudfront.net
c.amazon-adsystem.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
5    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
2    52.4.80.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-80-63.compute-1.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
5    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
8    216.22.16.1 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 216.22.16.1.servint.net
prg.smartadserver.com
3    68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.156.180.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-180-227.cmh68.r.cloudfront.net
aax.amazon-adsystem.com
13    2607:f8b0:400c:c13::64 (Charleston, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    44.210.31.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-31-106.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    103.231.212.226 (India)

ASN18229 (CTRLS-AS-IN CtrlS, IN)
PTR: static-103-231-212-226.ctrls.in
sdk.truepush.com
8    35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
2    2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2607:f8b0:400c:c0a::93 (Charleston, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400c:c0c::9a (Charleston, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2607:f8b0:400c:c14::9a (Charleston, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
21    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2607:f8b0:400c:c12::84 (Charleston, United States)

ASN15169 (GOOGLE, US)
e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    54.236.114.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-114-111.compute-1.amazonaws.com
match.prod.bidr.io
14    173.194.210.157 (United States)

ASN15169 (GOOGLE, US)
PTR: vn-in-f157.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    173.231.178.115 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
2    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    54.221.166.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-166-70.compute-1.amazonaws.com
pm.w55c.net
2    3.215.81.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-81-226.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    18.233.122.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-122-89.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.193.215.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-215-195.compute-1.amazonaws.com
thrtle.com
2    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2600:1f18:4e9:5a02:c104:fcd:17de:de96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
6    2606:ae80:1451:17::1400 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
1    44.212.188.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-188-189.compute-1.amazonaws.com
sync.ipredictive.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    44.208.128.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-128-231.compute-1.amazonaws.com
ads.creative-serving.com
2    38.68.201.140 (United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
3    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    3.225.4.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-4-30.compute-1.amazonaws.com
rtb.adentifi.com
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2606:2800:220:13d:2176:94a:948:148e (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    2600:9000:24fd:ea00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
11    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
9    3.212.38.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-38-37.compute-1.amazonaws.com
match.sharethrough.com
1    34.224.47.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-47-217.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
5    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    2a04:4e42:46::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
3    3.214.100.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-100-121.compute-1.amazonaws.com
ads.yieldmo.com
2    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
12    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    50.31.142.31 (Itasca, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.76.100.229 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    54.157.170.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-170-29.compute-1.amazonaws.com
aorta.clickagy.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    2600:9000:210b:e000:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
24    2607:f8b0:400c:c11::84 (Charleston, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
2    2607:f8b0:400c:c11::9b (Charleston, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2607:f8b0:4006:81f::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:817::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2607:f8b0:400c:c01::9d (Charleston, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2404:6800:4008:c07::5e (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
36 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 916
syndication.twitter.com — Cisco Umbrella Rank: 1167
999 KB
31 visiontimes.com
www.visiontimes.com
img.visiontimes.com
1 MB
29 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 514
image6.pubmatic.com — Cisco Umbrella Rank: 746
image2.pubmatic.com — Cisco Umbrella Rank: 958
simage2.pubmatic.com — Cisco Umbrella Rank: 707
image4.pubmatic.com — Cisco Umbrella Rank: 1104
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
34 KB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
214 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
78 KB
20 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2017
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 278
adservice.google.com — Cisco Umbrella Rank: 83
56 KB
19 googlesyndication.com
e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
293 KB
18 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
token.rubiconproject.com — Cisco Umbrella Rank: 600
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 6287
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
30 KB
14 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
c.4dex.io — Cisco Umbrella Rank: 6496
u.4dex.io — Cisco Umbrella Rank: 4062
28 KB
11 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
dsum.casalemedia.com — Cisco Umbrella Rank: 1344
9 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
218 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1705
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5101
4 KB
10 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1720
gw.geoedge.be — Cisco Umbrella Rank: 1951
366 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 540
5 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
dis.criteo.com — Cisco Umbrella Rank: 674
9 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
ce.lijit.com — Cisco Umbrella Rank: 926
6 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
4 KB
6 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2948
pbs.twimg.com — Cisco Umbrella Rank: 840
13 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3491
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5283
casale-match.dotomi.com — Cisco Umbrella Rank: 3126
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 471
1 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 444
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
38 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
6 KB
5 truepush.com
sdki.truepush.com — Cisco Umbrella Rank: 64888
sdk.truepush.com — Cisco Umbrella Rank: 83792
22 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
61 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5712
ads.yieldmo.com — Cisco Umbrella Rank: 661
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 848
2 KB
3 intothebid.com
intothebid.com — Cisco Umbrella Rank: 158280
120 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
105 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 562
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 585
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5066
967 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4482
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1317
683 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1473
837 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
1007 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1397
1011 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
237 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
458 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
114 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
sync.crwdcntrl.net — Cisco Umbrella Rank: 875
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
137 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
515 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2107
173 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2006
648 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 548
849 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 991
308 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
897 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1523
622 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
149 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 761
531 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1183
287 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 974
554 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
518 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1396
674 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1003
225 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2462
308 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1098
222 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
1002 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1433
3 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
790 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
406 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 179
2 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2127
2 KB
1 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 20299
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
308 76
Domain Requested by
31 platform.twitter.com www.visiontimes.com
platform.twitter.com
rumcdn.geoedge.be
21 s.amazon-adsystem.com 3 redirects rumcdn.geoedge.be
ads.pubmatic.com
s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
match.sharethrough.com
ce.lijit.com
www.visiontimes.com
17 www.visiontimes.com www.visiontimes.com
16 simage2.pubmatic.com 2 redirects ads.pubmatic.com
14 tpc.googlesyndication.com rumcdn.geoedge.be
www.visiontimes.com
14 img.visiontimes.com www.visiontimes.com
13 fundingchoicesmessages.google.com rumcdn.geoedge.be
www.visiontimes.com
13 securepubads.g.doubleclick.net www.visiontimes.com
securepubads.g.doubleclick.net
rumcdn.geoedge.be
12 cm.g.doubleclick.net 9 redirects sync-amz.ads.yieldmo.com
www.visiontimes.com
10 cdn.ampproject.org rumcdn.geoedge.be
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 c.4dex.io www.visiontimes.com
8 prg.smartadserver.com intothebid.com
7 match.adsrvr.org 7 redirects
7 match.prod.bidr.io 7 redirects
7 image2.pubmatic.com ads.pubmatic.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
6 pixel.tapad.com 4 redirects ads.pubmatic.com
sync-amz.ads.yieldmo.com
6 rumcdn.geoedge.be intothebid.com
rumcdn.geoedge.be
www.visiontimes.com
5 pixel.rubiconproject.com 2 redirects www.visiontimes.com
5 token.rubiconproject.com 4 redirects s.amazon-adsystem.com
5 www.google.com 1 redirects www.visiontimes.com
rumcdn.geoedge.be
5 syndication.twitter.com platform.twitter.com
www.visiontimes.com
4 pagead2.googlesyndication.com rumcdn.geoedge.be
www.visiontimes.com
4 gw.geoedge.be rumcdn.geoedge.be
4 pbs.twimg.com www.visiontimes.com
platform.twitter.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
www.visiontimes.com
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 id5-sync.com 1 redirects intothebid.com
cdn.id5-sync.com
4 gum.criteo.com 2 redirects rumcdn.geoedge.be
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com rumcdn.geoedge.be
client
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 pixel-sync.sitescout.com 3 redirects
3 x.bidswitch.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 eb2.3lift.com 2 redirects ads.pubmatic.com
3 u.4dex.io ads.pubmatic.com
www.visiontimes.com
3 pm.w55c.net 3 redirects
3 ib.adnxs.com 2 redirects intothebid.com
3 mug.criteo.com www.visiontimes.com
3 c.amazon-adsystem.com intothebid.com
c.amazon-adsystem.com
3 intothebid.com www.visiontimes.com
3 sdki.truepush.com www.visiontimes.com
sdki.truepush.com
2 www.googletagservices.com rumcdn.geoedge.be
2 b1sync.zemanta.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 secure.adnxs.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 cdn.syndication.twimg.com platform.twitter.com
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 cm.adgrx.com 2 redirects
2 sync.mathtag.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 www.facebook.com www.visiontimes.com
2 ads.pubmatic.com www.visiontimes.com
ads.pubmatic.com
2 googleads.g.doubleclick.net 1 redirects www.visiontimes.com
2 sdk.truepush.com sdki.truepush.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com rumcdn.geoedge.be
2 connect.facebook.net www.visiontimes.com
connect.facebook.net
2 script.4dex.io intothebid.com
script.4dex.io
2 www.googletagmanager.com www.visiontimes.com
www.googletagmanager.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 px.ads.linkedin.com www.visiontimes.com
1 aax-eu.amazon-adsystem.com www.visiontimes.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 tr.blismedia.com ce.lijit.com
1 sync.crwdcntrl.net 1 redirects
1 aorta.clickagy.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.taboola.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 static.criteo.net rumcdn.geoedge.be
1 cdn.jsdelivr.net rumcdn.geoedge.be
1 ap.lijit.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 onetag-sys.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com rumcdn.geoedge.be
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 www.googleadservices.com www.googletagmanager.com
1 mp.4dex.io intothebid.com
1 id.crwdcntrl.net intothebid.com
1 secure.gravatar.com www.visiontimes.com
1 cdn.matomo.cloud www.visiontimes.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 certify-js.alexametrics.com Failed www.visiontimes.com
308 120
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-14 -
2024-02-14		 a year crt.sh
sdki.truepush.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-08-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
intothebid.com
GTS CA 1P5		 2023-04-19 -
2023-07-18		 3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M01		 2023-02-24 -
2023-12-25		 10 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-23		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.truepush.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-09-13		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-05-04 -
2023-08-02		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh

This page contains 42 frames:

Primary Page: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Frame ID: 80A01110336263B8B3434D2C7C8B8FBC
Requests: 119 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.visiontimes.com
Frame ID: 31C43BB5392EA25CBE75C07FE9E5641A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: BAD95A7C8E6389A387DEC540DDFA1ABE
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Frame ID: D47EBD9D5DEDC2F7F28CAD722A095EE7
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Frame ID: 0FD4BA003618DC3D78B6B34BA2874B40
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Frame ID: 6E97E3396836CBBFF314BCC28F85365E
Requests: 1 HTTP requests in this frame

Frame: https://e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0ED2130DDD88B47CC76777D7377B2F06
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B451AEC28D2148FCBB7B1B5E3DAFF7D9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266265019291
Frame ID: 4BFFEA12F3BCCC3E6AF2026E7B4981DD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D3A4EBA3BCE7A7BD921AD18D257F182C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB-TE7IxQkAAB_zVrTf7g&gdpr=0&gdpr_consent=
Frame ID: 16041E11933A8E2C63C411342C499972
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84f96462-849e-4a00-948a-e81395bd6a4e&gdpr=0&gdpr_consent=
Frame ID: D4C441D503D0DC80BEE805DD1F4EB5BB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bc1e3022-f354-11ed-911c-92a7124e64ef
Frame ID: 73E04612EACE1E325C1B71D605CB7BC6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5238790058226081324&gdpr=0&gdpr_consent=
Frame ID: 79D09636536E214A06CEB02EB268A03C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
Frame ID: BE18F13C0EEBA2C7AE03350899F4E55A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 74D16F341DAA1024CC2F41CD433BA5E6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3DED99B90607C5D00D242A1DB7572329
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6dGh8dJn1PYDEx5&gdpr=0&gdpr_consent=
Frame ID: 31E5A274DEB8A721EC599C328FE27FE6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
Frame ID: BB2EA7A6BAE9F640961BAAD76C73E6AD
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
Frame ID: DE0A975EFB737792AC10932DBD9A89BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
Frame ID: 11840A6875D46C30F42DC898E200EDE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: EF7738A6CBEA8D94056E84880D1CD093
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780031241462
Frame ID: 32DE50F98D21DFF894D1D35B773F5B97
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
Frame ID: 8F246FCDDF7A1287B88F7F5646C0339F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: ADCE2078600766CFBB86AEAC5E001203
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2B13A276BA72979E541D8AEC9E46B4C7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: DBDC10E679266563DD51BB01A3ABA0AD
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3377001389364036220&gdpr=0&gdpr_consent=
Frame ID: F4873C1F12D60563A7FB055BA89394FC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-2d5cJFu0fjqbtphLQ3asaYqOHoPpUe6BhWORRyEpMg
Frame ID: E03DD252DE8C43CCA3E72CFAD189F7AC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHFJ6azbnzJgN0UYwLAAAAAAA&expiration=1684264478&is_secure=true
Frame ID: 7FAC3D6D173D4D7FCEB11B2A631B5F9F
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: C5509198B6BB68896A67514FC33FECF3
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: F7B28C0446BA25B53CC7BC83468C7A5F
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 5015C3A8C50DAB8983D53EC696D64BAA
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JdHAyaTVSRTJ1THh5bWVOZEExQkhtdHBaM2RiX0lVOX5B
Frame ID: 44ACB4CC3B6C44ED2CEDD2293A85CA47
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 199D56FE185913786BF1BB2DE2E372B2
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2219360552203096644640
Frame ID: D1369B0462EFFD7DD6FBCE1255571072
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: C6B89A366D5B6F6820E6D7A09C3B005B
Requests: 17 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: CE94AE8CCCF157DA4D7D7F2FBB5D22EA
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: EB615F42B266836741FA48599315DBC5
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 39BB5E091DAC56E16C8EC1A5F49B0633
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.visiontimes.com&gdpr=0&gdpr_consent=
Frame ID: 81138586705669F4828306032A0D4B18
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: F728E2233339680F82AD50550FC56212
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Celebrities, Internet Personalities Open Their Wallets to Fund Daniel Penny’s Defense - Vision Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

308
Requests

82 %
HTTPS

37 %
IPv6

76
Domains

120
Subdomains

74
IPs

8
Countries

4339 kB
Transfer

11416 kB
Size

168
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=uYGo-3xwSk5UU3B4STIvSFB3NlEyajAxUjVaY0VYVzlzQUYxV0thTlc5ZVA1eHhLR1NYVENyL0YvNlNUWUh3NkZ2bldzYVIrbzYzMmlvUFR1VlFGQTNpTCsveDJnVEo1cGdPVE5xR3o2Y3dJeDNJQmI5R3pRZjFGUnJlTXdOekdNZVQxKytvQldSdGZ1NTJ2a3RqT01MTFJJODllaTBEcHRsUG5maXRoRi9QNk9zdzN3d1dDVm9Jd0VyUWJQWEtmWmlPSUFqUnUzUTBaMVpyeGtOWE4zeVpoUXMxNXNjenNKcHRWOFNGSVMyL3gzdVRsd1ZETXErUlU2VXI2VVBEMkZVY3hufA&cppv=2
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&value=0&auid=2073693243.1684178077&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nYRiZJqqAcSF_gTEwrmQAw&sscte=1&crd=&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTfKuJDlKInuT9VaC9b6hL_4GOknWd53T8Q&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPelljd3R6VkxxVEtGMTR3Q3RkemJvU1o1UnhFa3d2UEdKRVR0Zkpxc3g4SkFDUHcaWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMGVWbXVyNXpCV2gtNE5kd3E2b3pQWGtEbjVxVWdDMUNoWFVqQ0lfYlhWaW1vZGl6YmFPRUdQMWg HTTP 302
  • https://www.google.com/pagead/1p-conversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&value=0&auid=2073693243.1684178077&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPelljd3R6VkxxVEtGMTR3Q3RkemJvU1o1UnhFa3d2UEdKRVR0Zkpxc3g4SkFDUHcaWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMGVWbXVyNXpCV2gtNE5kd3E2b3pQWGtEbjVxVWdDMUNoWFVqQ0lfYlhWaW1vZGl6YmFPRUdQMWg&is_vtc=1&ocp_id=nYRiZJqqAcSF_gTEwrmQAw&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTf-DR0WceR6Gu4oK1huFrRi23FU8oZ9eKw&random=1640366969
Request Chain 112
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Request Chain 120
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266265019291
Request Chain 121
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 122
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCLVRFN0l4UWtBQUJfelZyVGY3Zw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB-TE7IxQkAAB_zVrTf7g&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB-TE7IxQkAAB_zVrTf7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3844925642332914185&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB-TE7IxQkAAB_zVrTf7g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3844925642332914185%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3844925642332914185&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB-TE7IxQkAAB_zVrTf7g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB-TE7IxQkAAB_zVrTf7g&gdpr=0&gdpr_consent=
Request Chain 123
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84f96462-849e-4a00-948a-e81395bd6a4e&gdpr=0&gdpr_consent=
Request Chain 124
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bc1e3022-f354-11ed-911c-92a7124e64ef
Request Chain 125
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5238790058226081324&gdpr=0&gdpr_consent=
Request Chain 126
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
Request Chain 129
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6dGh8dJn1PYDEx5&gdpr=0&gdpr_consent=
Request Chain 130
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
Request Chain 131
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0a68a137-55bc-4e9c-8e35-27f2fe51e345&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
Request Chain 132
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
Request Chain 133
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 134
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780031241462
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r8j4YDTnQ1G-WJoeD4DqDA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 137
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9ded1e15-51d8-4d7d-a753-c83028365f39&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
Request Chain 138
  • https://eb2.3lift.com/xuid?mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 139
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=fd44d589-8c31-4a5b-b0e8-a60a09026853
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUZDOEY4NjAtMzRFNy00MzUxLUJFNTgtOUExRTBGODBFQTBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNrZV5j0mC7AbkWMP-ETck&google_cver=1
Request Chain 142
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8B186010B4F24A0C8B19B031EF91F199
Request Chain 143
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3600827481373604381&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 144
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Request Chain 145
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dcb5yfBE2uUv3.5X.T3JGYCf_M7sup0-~A&gdpr=0
Request Chain 147
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1eb8a53a603614c6&is_secure=true&networkId=17100&version=1&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIn65qZSU8UQNkWOUvAAAAAAA&expiration=1684264478&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 148
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b979531c-bbbd-42e7-bb34-08db7f10ced8&gdpr=0&gdpr_consent=
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4ced5336-0ea6-4dee-82f9-4ae81116ed89&ssp=pubmatic&expires=30&user_group=5&bsw_param=a1c7c0cc-1b29-4d10-8861-b07931a64433 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 150
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102B97382_68C2E078&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 151
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
Request Chain 153
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5433832718340559967
Request Chain 162
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAB-TE7IxQkAAB_zVrTf7g&ex=beeswax.com
Request Chain 163
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ac5f9951
Request Chain 165
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8B186010B4F24A0C8B19B031EF91F199&ex=simpli.fi&status=ok
Request Chain 177
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 178
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3377001389364036220&gdpr=0&gdpr_consent=
Request Chain 179
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-2d5cJFu0fjqbtphLQ3asaYqOHoPpUe6BhWORRyEpMg
Request Chain 180
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4527078dd50c14c6&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHFJ6azbnzJgN0UYwLAAAAAAA&expiration=1684264478&is_secure=true
Request Chain 184
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JdHAyaTVSRTJ1THh5bWVOZEExQkhtdHBaM2RiX0lVOX5B
Request Chain 185
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 190
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2219360552203096644640
Request Chain 194
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=5238790058226081324&pn_id=an
Request Chain 195
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g2c1af3b0a649612876b HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5238790058226081324&pt=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDd0rKJ4zEEBCvGCNdMQ_ig&google_cver=1
Request Chain 198
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LHP856MI-1I-KK08
Request Chain 202
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&expiration=1686770078&gdpr=0&gdpr_consent=
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGKEnonZraFhHhu2nwTybAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFdaWha1Fo2Fhhdh3itOwwk&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAoj9x0m3gbn_okBJxrrGz4&google_cver=1
Request Chain 206
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84f96462-849e-4a00-948a-e81395bd6a4e
Request Chain 207
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2bf042e10f981846&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHFJ6azbnzNwNk0r4rAAAAAAA&expiration=1684264478&is_secure=true
Request Chain 208
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6dGh8dJn1PYDEx5
Request Chain 209
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGKEnonZraFhHhu2nwTybAAA%263429&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c561c36a-05cd-4440-b6f6-efee0edf1a72-tuctb5c0a1e
Request Chain 212
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=cwEnbd6q8UIf6KZcn_UQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2Y3XIVXGEZBWOE4FKSLGGZFVUY3OL5KVC&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2Y3XIVXGEZBWOE4FKSLGGZFVUY3OL5KVC HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=cwEnbd6q8UIf6KZcn_UQ
Request Chain 213
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Request Chain 214
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134&gdpr=&gdpr_consent=
Request Chain 215
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Request Chain 216
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 218
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GprCiPZHxyTrprMOQMCZ6PcE&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=ZGKEnocZEk8VGWQqRSr7mnCi
Request Chain 219
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
Request Chain 220
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5238790058226081324&gdpr=0&gdpr_consent=
Request Chain 221
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=bM0hJWLNLnN3wHMkY5w6JGPNIy53wSYnaMk-dIJU
Request Chain 262
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=visiontimes.com&sn=ChromeSyncframe&so=3&topUrl=www.visiontimes.com&bundle=V3mixV9Sa04wRE9RSzklMkZ0MlZnQkdDTlpOSEpJU1VSJTJGVU4zaHdwcXVWT011Y1VidUNJRDhFcWtkWHgxYjdtejJ3MEhNZHdPeXVXeUdEWU92U3FHMkxidTc2ODVyVVRjdUdwMWk1QSUyRmV1M3E0TE9wbUFydXYzc0VjcVMlMkY3SVMlMkJpJTJCODF2WQ&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=tDc1Nnw3OEFpdTF0MS9HY2ZxSXJjSzJpekc3NGk0QnI3amRmem5MVmtVZDV3Z1JIKytZbnRGcFNVTHVLbUtNMDJ4WmN6TUFTd2owbUx4cnc4QkNRRzREaWpTVmQ1T000UTl0dXZObFkyVksrSGdncjgzRzBLWCtaMVRpVUtiL2F4U3VmbVZwdlRjK3dkYU9SSmI0MHp6U0FnakUzWGZ2V21lZDZFQjVaaVcwMjJhU1MxK0MwU0srZTNmWmNIcENXb3V1bFRGdmRQM1BPNk1vejhvU2hiRS8rZ3drVFU3STZwdU01RlUvMm1sTWtHQytPOHNFUjlGOU91RU80aGxKNmNvWFhuOG56YnFLRWIrTUFpSnM1MUpaTU5TSXg2VDB3K0NIRVhZdVBLcVFQelpOdz18&cppv=2
Request Chain 286
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB
Request Chain 288
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 291
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LHP856MI-1I-KK08 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LHP856MI-1I-KK08
Request Chain 293
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LHP8572C-19-6ATV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LHP8572C-19-6ATV&ex=d-rubiconproject.com&status=ok
Request Chain 294
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uAXLRQCDSe-gwFk0YmK7mQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uAXLRQCDSe-gwFk0YmK7mQ
Request Chain 295
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=&expires=30
Request Chain 296
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhQODU3MkMtMTktNkFUVg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG5p-UXf-an2jeVKpz8rJ4w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQODU2TUktMUktS0swOA==&google_push=
Request Chain 298
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiZTBjNDQ2ZDEyOWVhYmZiNzc4ZDc3MjI0ZGQ2ZDNlNjc1NmM5Zg
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECB2RH0FmqnBDBkNK6Oi16c&google_cver=1
Request Chain 300
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UGoAuA3iUvwzSqVME-fMOMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4kLU731E2oK5rZmAvTutI2v5T9bgVOrtwgaeyA--~A
Request Chain 301
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHP8572C-19-6ATV

308 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
www.visiontimes.com/2023/05/15/ 		79 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5100114c81972af7136eb0a8342be9526e84ee64048b648993e3b19ed3fd13a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7c7db4709a9303d5-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 19:14:36 GMT
link
<https://www.visiontimes.com/wp-json/>; rel="https://api.w.org/", <https://www.visiontimes.com/wp-json/wp/v2/posts/460924>; rel="alternate"; type="application/json", <https://www.visiontimes.com/?p=460924>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjNrXzOTwdOXbg1Oowc88Aq2Dd%2FIUDl5RT4mKGvkoVH8QsOis640T%2B8TvcVayIAbTk4wU0I%2B59XjmYXQgTZiousFk9Hxi2fyFT38zeWuGvb5mcUfVsjL21h%2Bdvv17kEFGWiDbLk3dyTPQwjcwjNHh1s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
STALE
x-device
desktop
x-elasticpress-query
true
autoptimize_0cd5a73be04580700736ef842a35713e.css
www.visiontimes.com/wp-content/cache/autoptimize/css/ 		304 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60a514edd6504bc0b32248d47c8071f7fa846e134ab2da6dcc9b66f37d1d9c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
STALE
x-device
desktop
cf-bgj
minify
last-modified
Sun, 05 Mar 2023 18:17:33 GMT
server
cloudflare
etag
W/"6404dcbd-4bf68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2mW8O1jtnHEGAZlEINvxs3Dmq%2Fwl4ODoyHIF5COTxgcMiaf2FpjBLKNdG93cuxVgPStgRAZIZLe9n%2BflUFghswtsh%2BG3woYcIjKPWCo4we3wSF5CNnYJGur%2BVEvTh7RN7PKo7pdLlVneQGmVAlSjYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
7c7db4716b6103d5-EWR
expires
Thu, 25 May 2023 18:26:06 GMT
app.js
sdki.truepush.com/sdk/v2.0.3/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.3/app.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:c200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 02:47:12 GMT
content-encoding
gzip
via
1.1 ff8e36e5267cb39e0ce8c3df049957a6.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 12:54:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
1528044
etag
"b861f6349fdb27190bd25dbfcd7674ff"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
581
x-amz-cf-id
Ai40wfl9PFxzvIPEYZW46Imx-txXJ4Ldws_fUP67fgB0MFTZvqOlNA==
menu-mobile-926eb40a4c.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/menu-mobile-926eb40a4c.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
STALE
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
W/"63bee1fb-4ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGZAtuNwefPmY%2BRRLGDZOo5WTDhx2tngrqdLbxKbpeH16DPNQhhCKR32KbmGNKdnbuLLOshya4oAijVKwXfuz71Q2UUgobtYfhVRmURxU0nY13Pok65n1G2spedRaVH9kQo7lxNdxxw0qG65P%2Bv%2F5cI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7db471ebcc03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
vision-times-logo-fc9b3d60e2.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-logo-fc9b3d60e2.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
STALE
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
W/"63bee1fb-2e4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXTm4qka0wUTCq%2B94PmGm7rlrpCYiEJXU5rNY2wAnV9J5FMm38NwpWEoeBFhVy85CDHzgDgjAILM33udnj4kQdpQlUo5Kl0shODVF5wxGruAl%2F3GW37jJqt5P9E9QNXtjdZpvGT4qL8QIL1r1z8y%2Bgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7db471ebcd03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
vision-times-sm-logo-66a6be678b.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-sm-logo-66a6be678b.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
STALE
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
W/"63bee1fb-2abb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjlU0l6iqaKamHlKlbieRfq%2FXdFbcGZN1Cig3ufJ7jotWJtXRVOJA54%2B0JyuWGk1WOZrTA%2Fh7IZHNakd%2Bxwhs4XHj40ieiJcthDvIbiLn9y7h90yiJZESzDqKOcNNvZSWGMbqIOaD4v9nXxEvjYQOrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7db471ebce03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 12:05:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645e2b95-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4mBh%2Bxov2PMm75mCpicQPzB4wc2bjsOabskvdvPVWxq2O0mDgMIGz9EDJCkK0zcOf2OYQFgZEDomdDRXAAAngHrZqrGbGXRVD2okDwhqfn3d%2B%2B1Pa%2BAkTP7vG9u1kuu9P3D6S%2BEDxb07wqYshyHLIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c7db471cbc203d5-EWR
expires
Wed, 17 May 2023 19:14:36 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27630
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Tue, 24 Jan 2023 21:41:51 GMT
etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49ebf0bdd576265a71f5c6bc6ba67fef24915d414dc8b2597c409cda4bbf2ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25444
x-xss-protection
0
server
cafe
etag
713 / 19492 / 31074524 / config-hash: 10982363139367512492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 19:14:36 GMT
prebid.vt_en.js
intothebid.com/wrapper/vt/ 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/prebid.vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4517329a1a3efcb408a4d33f16b3b7b56ee8472ed54533efebb2627532c9ecf1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
741
cf-polished
origSize=289051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sat, 18 Dec 2021 13:42:26 GMT
server
cloudflare
etag
W/"4691b-61bde542-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IJLD0YFF%2Bz61rqIDiAdLqnkIkkFg9VTL5N2Ht1ccfl6jxdBvepNTf1KdYNbVc5nbrsGKLwp%2FwfgAIoq50TIOMujPACyi5IdY2K7UcHwuB2pot8nWYa4mOj8geAXYHGri%2FGJgMEB%2FBtsh%2BcT"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c7db47268f9181d-EWR
expires
Tue, 14 May 2024 18:37:19 GMT
hp_vt_en.js
intothebid.com/wrapper/vt/ 		0
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/hp_vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 08 Feb 2022 18:28:05 GMT
server
cloudflare
etag
"0-6202b635-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyd%2BIG5IreMFutaJUpLyZO6I7oJ%2BPzmt%2Bb9gsIV7gDW%2Fr4N%2FcfKqhULBtH6xZGtV6Y3O%2FzlTjgPY9CxBu1n7w947jDiBp14OsIh2Muxr2Pug3PNBxV7qp8Lo7pg1iooWpuyFpGq2ZDY5Ut%2BA"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c7db47268fa181d-EWR
expires
Tue, 14 May 2024 18:37:19 GMT
hb_vt_en.js
intothebid.com/wrapper/vt/ 		113 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/hb_vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2803a6c3d48a023daf4db4bf1747ca82522ddbc951350aef12d88f1ba2a96a7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
741
cf-polished
origSize=140124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 22:06:15 GMT
server
cloudflare
etag
W/"2235c-6398f757-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47mKebgVRCMKdk%2FBM31YtLROMfZMVnsRHK%2FaP%2BzemkEJ1UHaZamOvaSeSsf6qlv8jG6lToyURCcRqAh0VKYrsupazNMqVWZbN4uwABf%2BtfxZiecEb%2FTlbCWqOCZ18JjCtAwO3McBo9eG07Tc"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c7db47268fc181d-EWR
expires
Tue, 14 May 2024 18:37:19 GMT
autoptimize_6d5b05acf688e50291fd02da8c9c051d.js
www.visiontimes.com/wp-content/cache/autoptimize/js/ 		1 MB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/cache/autoptimize/js/autoptimize_6d5b05acf688e50291fd02da8c9c051d.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f944b4d78cfac8ea5eb30b3445a8c0d393d46e8b625878d10ab29079c97d9638

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
cf-polished
origSize=1194012
x-cache-status
HIT
x-device
desktop
cf-bgj
minify
last-modified
Wed, 29 Jun 2022 21:34:47 GMT
server
cloudflare
etag
W/"62bcc577-12381c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n2txFqCcb3OguyZ%2BEEW5p9h4sT8k%2BSS801yz4RV8fmEVvq5bEouJ7Xx3JEV9oV52NnD7ty%2F9yxbjG7MSzC9o4H2HH5ZkoMh85oIC2mQ8j%2Fub6NN%2BPDkLTgNWXGrujxESBOoGwgrCOt04HNhd9yFnvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=864000
cf-ray
7c7db471ebcf03d5-EWR
expires
Thu, 25 May 2023 18:26:07 GMT
matomo.js
cdn.matomo.cloud/kreativreason.matomo.cloud/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:7400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
Calisto-MT-583e9c844f.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/Calisto-MT-583e9c844f.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
STALE
content-length
73048
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-11d58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbCAUpqygF%2B7fkimtrATnM3H3by1BLWAv7gQnornsHx2UOouMPVHDhN0wb4w4qDuheJGMrxSIP1lribxSZN6BMPKtnAeWKm%2Bj80SyZMjY1ffbFmmQue4mQO%2B4S9Tv%2FOsyGAt6UTyzsvJLKIcYU7LpME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db471fbdf03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Bold-5bc6b83602.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans-Bold-5bc6b83602.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2454
x-cache-status
HIT
content-length
129784
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1faf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHmTzVSw4tAJCCWOKOqNdtvIAOG%2FVV%2FR2S16tjatd6ylbCEe15nrqD2V9WX2h79DKN8jTTEYGS1Ms%2BiSmFzjOEFwHujHNF5JFxqYbgZz9tvwg%2BhaLJ7ju0iMzygB7DoJTYCF0IajYt91Ppg%2BM248wDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db471fbe003d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-solid-900.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
x-cache-status
HIT
content-length
78196
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozk2RR%2BDR50SmGDtl7XoBE5%2FrIFp4zr4PkvVmpxf1gyZE2IOxUWfWwePqtX%2BrpaXZQcew9AG3%2FFyV4RpQoQTkRPveEQ1adveHZBxwaJWIf%2B3Y5ZM0yg%2BWkiOL1ELdsf6fb8EBD9IZlDab8awqQ6Yzl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7db471fbe203d5-EWR
expires
Wed, 14 Jun 2023 18:28:48 GMT
OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		127 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
x-cache-status
STALE
content-length
130080
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1fc20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyTS4noQ37cXmC2sD%2F3laArs8Epy5bqvSkBM8vgwJ99HvYMoVNBd9rjTLOiBo%2BQ3J%2BtG6ECNneUNdn8kr%2FwVOMFbpUAba1fMc1B1c%2FNuKqrjLIKJILi4VnO6z4mSUZGJtHqbR%2FWrB%2BblN2XKNfaS7jM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db471fbe303d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-brands-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-brands-400.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
x-cache-status
STALE
content-length
76764
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-12bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7cjoRUdQX4nxPK3dF%2FnkL2lzmuJz5RumrpLDIuRI41R4eh8wkJCGLv8agLNYcFYAO9c2uTSb8Xi1E3wj2ntU4pQV5lutmSLS8IOJAJDkiHISFrhK6k6pZr5Hkol52GJTDvNDicLoJ4VH8y5XbJVpYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7db471fbe403d5-EWR
expires
Wed, 14 Jun 2023 18:28:48 GMT
fa-regular-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-regular-400.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
x-cache-status
STALE
content-length
13276
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-33dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDY%2F92INwuty0IoxsUG7RowBYFlzyHtUobXZM5NNnqo9Y9Mak2NHKYqNTNtSO9bqGPMT4eOsYoclqSYF5uoCa17cZqbLy2jhOpDkyr2RqO43%2FArCibG%2FQ9jp%2Bcjdplrn%2FeT3Ku%2FyQH%2BbFn68971j3Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7db471fbea03d5-EWR
expires
Wed, 14 Jun 2023 18:28:48 GMT
182dd511dd531fcb21ce7dfb5eb6d732
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/182dd511dd531fcb21ce7dfb5eb6d732?s=30&r=g
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
62067d30a82c5fa271f263c2bca39a7091afb9fb6ebcd321190e17c489b7529c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
HIT jfk 1
date
Mon, 15 May 2023 19:14:36 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="182dd511dd531fcb21ce7dfb5eb6d732.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/182dd511dd531fcb21ce7dfb5eb6d732?s=30&r=g>; rel="canonical"
content-length
1299
expires
Mon, 15 May 2023 19:19:36 GMT
GettyImages-1489513807.jpg
img.visiontimes.com/2023/05/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1489513807.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d949d7fbe7bb0064c62827e80cdf1fb7ab581e0f505589fa8e36721fe22c9f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Mon, 15 May 2023 18:00:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64627338-244f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=801WxcVFhN1Ka2Nr3edqUwAhP4B6Q4q%2F468%2BdHEne1mRi5kwi0kqLmY1PFI5wpcPfG92mAJNA6lCxmESvtmVCC7u8FK4txqbO97Iey2yXg6h0lWuZrzFyS6NxTLf2%2BnT%2FXBJCCvJpzFhs%2BJN5kvJnf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4726c4903d5-EWR
content-length
148728
expires
Mon, 29 May 2023 19:14:36 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c18::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11de1ddbb4162e02aa4affd850e901836d332e087c3aac3604a971dc4d2f2c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57940
x-xss-protection
0
last-modified
Mon, 15 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 May 2023 19:14:36 GMT
three-dots-03739ca6ce.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/ 		1 KB
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/three-dots-03739ca6ce.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
x-cache-status
HIT
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
W/"63bee1fb-4dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77FqlG9nQRmA%2F3%2FfTFQRT%2BCYrMNXTVB4Y%2FGh6li0I8j3BVeIjd3ykwE1elkt3PXEG13uM9qlxH7vAXi7D2MHOzmTRG8pwov3M%2FB713z9JMUA9zqiK%2F0PL3WC54ECDM8PaBeof%2Fic%2F4SyRbSgaLkudnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7db4726c4d03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
red-bg-long-f63d9b889b.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/ 		350 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/red-bg-long-f63d9b889b.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a609e03ee829de7700174fe87ea28bd52c3d4e38a5dfd55ba975c5b39383b71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
cf-polished
origFmt=png, origSize=6116
x-cache-status
STALE
content-disposition
inline; filename="red-bg-long-f63d9b889b.webp"
content-length
350
x-device
desktop
cf-bgj
imgq:100,h2pri
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-17e4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Pw28mOY4j2PkU%2F7VCoDK8dvA5XtK3nDq3EYMvsST0KMz47SGVrvMxCswj3mUqzE0TF7bmhCE0E%2BBPbr98UByjvM05j1LDAojEXlz2asIHJ%2BUGPYMqOW5qz%2BM5pe8PqX%2Bzqg97QALLJMGCCLQL2wunY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db4726c4e03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
red-bg-pix-7d7408dba4.png
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		110 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/red-bg-pix-7d7408dba4.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a75c6f77d0be8906f6b1845fd5a8bd7611e3f25533c61ff054a35c4a1758e6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
cf-polished
origFmt=png, origSize=510
x-cache-status
STALE
content-disposition
inline; filename="red-bg-pix-7d7408dba4.webp"
content-length
110
x-device
desktop
cf-bgj
imgq:100,h2pri
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvx5LjXKOec77RjVD7%2BLloih8ryuBUfiMWXs7aWEpDRFIz5EPRMsn8D1tKcLrneYLe4OQ0bgv%2BOLiEUqOabmijfxT0ZlPxpfXsJoEPXeFCHgaG%2BoivfuWnARJNNW28nLubusjzRXpdJCS6FFfCulBoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db4726c4f03d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
load-more-bg-33d8317938.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/ 		666 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/load-more-bg-33d8317938.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b768a60e29472accdc1c52bf54069169b033481a0866608643e369e9c6b5429c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2453
cf-polished
origFmt=png, origSize=6677
x-cache-status
STALE
content-disposition
inline; filename="load-more-bg-33d8317938.webp"
content-length
666
x-device
desktop
cf-bgj
imgq:100,h2pri
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1a15"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti7js5dLh6RINcTLpxGmYPxr%2Bx%2FTuFJ7lEnzJUD7hYiaps1QBjLoi7DTu1SeZKyDhDC7x7duuRKKkGS3uEsKzOZYHWboCB7zKHwBOmjsclJfhBxLaJHiLzkBYHrsQ7HmkNJUOousuYM7zCCCvcu46ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7db4726c5103d5-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
GettyImages-1234464938-485x360.jpg
img.visiontimes.com/2023/05/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1234464938-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e39b4b63e11dc12a31c99d45e033e2700b248dfcf23ec9663af26b375978276

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Mon, 15 May 2023 16:45:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646261c6-7cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQbeZY6VmOEbOPb%2FX%2B7ur6mzQjLhJu0QctWG2nl%2FKld9XeddbqmAZ3z%2FP5xDiFkeEutV2nzKeZ8V0dlrVBrsKjuRuDqCkz8NAInu6XjDzDeNKwcs39uHPmUQ1G4WgEtRAqZ%2B5TbBKdFgZYdWs2ws3kY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4729c8203d5-EWR
content-length
31989
expires
Mon, 29 May 2023 19:14:36 GMT
513-new-york-falun-dafa-day-parade-485x360.jpeg
img.visiontimes.com/2023/05/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/513-new-york-falun-dafa-day-parade-485x360.jpeg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3d660cfa369db69d2a34a66590c51ae01c59e1e5e153b8fdb5ba27c33b97f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Sat, 13 May 2023 18:00:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645fd02c-d6aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUM%2BwcXF94MLp5dUa0iqkyVPbnSruVS5J2QKj0AR3N0Z6NvuJkJRrNh04oxk%2Fn94GNs%2F48QP51e%2BvWZfQ9kK3eizhdvImu%2BtAOpFj9Wgda7Tw0H6Hm1X4sHxoS9ct8SQ85HysVvYsT5rUuo6HeWAn%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4729c8403d5-EWR
content-length
54954
expires
Mon, 29 May 2023 19:14:36 GMT
Happy-Mothers-Day-GettyImages-1212290254-485x360.jpg
img.visiontimes.com/2023/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/Happy-Mothers-Day-GettyImages-1212290254-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973d61ffd9b8fc5464a6d8fcf39f4d518e79fa361c231c7476fd84d0c43a3990

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Fri, 12 May 2023 20:50:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645ea679-7c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz5rNd5WhHDTD%2Fxkjm5wg8zzAuXgQ5XjddFViRaMfJHjFP09VIJL0j2tWVDc5gw%2Fn%2Brx0Hf3sk7qZqdun7g4nHy%2FP5blHrwGjpUhilshYgYy7ZXpTTiTu91t%2BoWCbbExXPjZTB09v8vYWzx0OABW1%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472ccb103d5-EWR
content-length
31878
expires
Mon, 29 May 2023 19:14:36 GMT
GettyImages-465891666-485x360.jpg
img.visiontimes.com/2023/05/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-465891666-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8941f19dc443373147a8e47863cfee85ba13770d855b9de7e8d2eaf1820554ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Fri, 12 May 2023 15:35:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645e5cd0-c66f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTYzV%2FRYTsJo%2FrbyUfdPFOpZi%2FlT%2FOD2FRUwYTihJ3yVVopeiTwEbd782uQZpdrDPLFhQLsZ0Vu75uyoruYe6wiZSnG8Yp33dWRSLlzegUC%2FAUUjNjCojIw%2F28ZOynTX%2FK5ctDWDLn4KXZ4eaILSSBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472ccb203d5-EWR
content-length
50799
expires
Mon, 29 May 2023 19:14:36 GMT
New-York-City-Household-Food-Consumption-Tracking-Carbon-Climate-Greenhouse-Gasses-485x360.jpg
img.visiontimes.com/2023/04/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/New-York-City-Household-Food-Consumption-Tracking-Carbon-Climate-Greenhouse-Gasses-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723589e86355c5e053b1e56ece7a7e6f517de9d67c6d128641f8a1f5dfdc9b16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99536
cf-polished
origSize=41804, status=webp_bigger
content-length
39360
cf-bgj
imgq:100,h2pri
last-modified
Wed, 19 Apr 2023 19:53:39 GMT
server
cloudflare
etag
"644046c3-a34c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDf%2BxNyI8P2%2FZLGFeFff6f9rMRXP3x%2FbF9uPcQgnFBVPN%2BSBDO%2FKBHD5swxjrya%2B5iPcdm3ldOMcRnE%2BbY7R9QQab5JEjEiFomQNLXDv3cb4EmaHc8ScTCiFy54h%2B3GWKEHZG2QAk7lMr5z8YXiY1uI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472dcbb03d5-EWR
expires
Sun, 28 May 2023 15:35:40 GMT
Benadryl-Challenge-TikTok-Promoting-Suicide-485x360.jpg
img.visiontimes.com/2023/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/Benadryl-Challenge-TikTok-Promoting-Suicide-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae19d089b3e0cc99f179f96b84d9f0b881a17a6cd354910a546480b40b068b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99536
cf-polished
origSize=21497, status=webp_bigger
content-length
20560
cf-bgj
imgq:100,h2pri
last-modified
Fri, 21 Apr 2023 07:04:45 GMT
server
cloudflare
etag
"6442358d-53f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkVQcrp9wc1Zllvagn4JVOcWynpBsonxZ2lvI%2BPSnfilz6kOk9zdri81pKoMY%2FASvNvVIyxe%2BCWjjdcJoLfeRqyFq0O26tIQbJNw4IzH3L7sXs1Yej15WwoScgEb1KjuSzgBkVjXXzEWAUysPwd4AZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472ecce03d5-EWR
expires
Sun, 28 May 2023 15:35:40 GMT
GettyImages-1347948466-485x360.jpg
img.visiontimes.com/2023/04/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1347948466-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c641d6ffba288e8c3aa659e344f5078e06bef643a3f70b738a107f5225d9a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Apr 2023 16:58:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64401dae-6000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BZQZuibQHc1fp3VduaLiXYaplS6fYgH1tuY4rZ1W8ASd0jo6uGPmdBsyaLKd3e%2FrroGhcKAlENiSzl4NhgWoxytxL5geAv24FZaoDgiYp7p%2BVQNDp2muXYqwFtF%2BK9%2BKXw77RVFg14BEl74K8%2BhSvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472ecd003d5-EWR
content-length
24576
expires
Mon, 29 May 2023 19:14:36 GMT
GettyImages-1251952181-485x360.jpg
img.visiontimes.com/2023/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1251952181-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb84d55d0eff18a727382e14c781549b9157e06de76f7fd0fbd1ba3993ef47d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Tue, 18 Apr 2023 19:20:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"643eed81-4f80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFzdPbLobDE46NKlmPLOmIJwbmOFaivFmyxptuBKN6l5%2B86LI2xkZA5qO69dPVpFNFrNdOVlQFhsFkj7DqOv2etiAIFIpsWKYa1uJYU38RmqiEkIORtl%2BSKyhwVAkCjh%2F0kKjuvQ36ay78BFdMQTbrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db472ecd103d5-EWR
content-length
20352
expires
Mon, 29 May 2023 19:14:36 GMT
GettyImages-1351312041-485x360.jpg
img.visiontimes.com/2023/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1351312041-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ee14a863ff71490b976ec2dd4891f72aaa350cbae91ea6590fa079a17ca482

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
MISS
last-modified
Wed, 03 May 2023 16:50:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645290c3-6bcf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSEx9jtlaqBMnqjj5zXIN1tV%2BWsiOqEa02UYHG06WF5cOUfGbkMN2DsN66vinlrNJEg60crs4%2FtABAtOz2uuE7KfTRBMhDc2qLCrLOH0vxJu9oA%2B%2BkdXyadhOzM8Y8dapgX5PueQPNK6uobPaEYMXcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4735d3203d5-EWR
content-length
27599
expires
Mon, 29 May 2023 19:14:36 GMT
GettyImages-1196587766-485x360.jpg
img.visiontimes.com/2023/04/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1196587766-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
371dedf7de0db5146a3d67d490d968951d5098b692b72a22364f0886a830b093

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99536
cf-polished
origSize=27612, status=webp_bigger
content-length
25941
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Apr 2023 20:58:33 GMT
server
cloudflare
etag
"6441a779-6bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euzHKH4EGMyLTC8XPPkZnn%2F8oN7xfne6bnqd2YClvg2PrecZvkbDOXiZkckeRjW2Jtnc6OvUlIVjnf2XCoBmynEwUxEwVm2H%2BH6rEeaFNX%2Bor123R3KcNZv%2BUAu02h%2BOIVyaPbh6HXI8yhSzCwqzPPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4738d6203d5-EWR
expires
Sun, 28 May 2023 15:35:40 GMT
Banner-700x420-1-485x360.jpeg
img.visiontimes.com/2023/01/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/01/Banner-700x420-1-485x360.jpeg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd1c04468c18abf9010ddb236bc7303af83acad77b42afe8cec2f469248cdf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279782
cf-polished
origSize=20523, status=webp_bigger
content-length
18617
cf-bgj
imgq:100,h2pri
last-modified
Mon, 30 Jan 2023 20:52:16 GMT
server
cloudflare
etag
"63d82e00-502b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGSLtHWWWDiU3Eh%2By%2F1dOe%2BhrLvElwkOdkXAuGcp%2FKHjNB7UlgJANx%2BTCpmnz3pQbrLy6%2BzIPML7c0uKW6OK5V55THJSBCE9dv%2BHq8Jjk86i0Q2%2BlPDE4FCws1xsham%2BFTbAoGqPAO6M5ytAW69lVlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db4738d6603d5-EWR
expires
Fri, 26 May 2023 13:31:34 GMT
Dublin-Declaration-Animal-Frontiers-Meat-Animal-Livestock-Necessary-Positive--485x360.jpg
img.visiontimes.com/2023/05/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/Dublin-Declaration-Animal-Frontiers-Meat-Animal-Livestock-Necessary-Positive--485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6899fddcfe69388ba17a95eb9b4768f3e0d5eee6aebb1c25a786fe28213f496b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99536
cf-polished
origSize=47443, status=webp_bigger
content-length
44582
cf-bgj
imgq:100,h2pri
last-modified
Wed, 03 May 2023 02:08:00 GMT
server
cloudflare
etag
"6451c200-b953"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f52rzkfSejOVyAuIeVn1EiSXvckcNR17eW4m7sSjysDHX52a9U0yZTeBigrnC5U1cRK6fYYA6K%2FdWq8Hh1CeLYwby0%2F4BLVDraaKnHgn3vR8BnqJ%2FEm1N90h%2F99DmRRlmbostNPWTwkUNAcu1Dj%2Fi5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db473ad7a03d5-EWR
expires
Sun, 28 May 2023 15:35:40 GMT
Dutch-Netherlands-Government-Confiscate-3000-Farms-Saving-Environment-485x360.jpg
img.visiontimes.com/2022/11/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2022/11/Dutch-Netherlands-Government-Confiscate-3000-Farms-Saving-Environment-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9781006eadf402f4feba4449c9c94faefdf6c209fd367f1ffbb25e25653ab5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99536
cf-polished
origSize=36364, status=webp_bigger
content-length
34553
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Nov 2022 05:02:32 GMT
server
cloudflare
etag
"63859268-8e0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMxTBN0qxEp0mVkRBHNpq4%2FG07Ot9U87F%2BwI8Dy4TkoOzpBNKOefm60Sxif9zz0KEZZkZUNbMSKocgfw2qseFxAVjwd%2FwYKsKZ3cdI8xwVphDOoEgB8xMEeRl05zfIKHktowlG5pC%2BlmoFecWRwKxVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7db473ad7b03d5-EWR
expires
Sun, 28 May 2023 15:35:40 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 31C4 		320 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.visiontimes.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105435
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified
Tue, 24 Jan 2023 21:41:13 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kcgs7200061-IAD
grumi-ip.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:38:11 GMT
x-amz-version-id
HFh6IzfXdoZ1C3.xWGNljbr4Xf2FaWTm
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:39 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2186
x-amz-cf-id
EcCUeDRA8RyYThgQc8WAr4t2KfPVTUyZW7CkFhOlMTKcjW5ClFE7XA==
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:16:03 GMT
content-encoding
gzip
via
1.1 6aa8d2883437a2897f326bfc58beed3c.cloudfront.net (CloudFront), 1.1 0a864429e4c3205f41fe9901ea675d26.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, CMH68-P1
age
3514
x-amz-server-side-encryption
AES256
etag
W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
rSSIFqO306W57gU_tNKK4-Zw0mEFqNtwh-_2vpDoIjx8cKtgyv88-A==
version.json
sdki.truepush.com/sdk/ 		176 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:c200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 01 May 2023 12:07:13 GMT
via
1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 05:36:06 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
1235244
etag
"327739750637fd5a1dd49dd855637862"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=300
accept-ranges
bytes
content-length
176
x-amz-cf-id
_IUTR7kmeW2xF7QSUd0T_y4-zCEOAJy15CFgPo4NWdGgrzi1F-jbnw==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
627143
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 19:14:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2316902
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPEimU37rWj3xjLA0T2QdXnTjEWqjXvx9B92JiA%2B1XLH%2BpvsN72D7CdvTn8MJevH0YUL7m7SuiQ93ml5Wx1C3yC2mju8kswNaO6YJuCIN9YZFZgkjjSp0MPbnZsI3IphLPu2JRpouRUcQx%2Ba"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c7db47458608ce9-EWR
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=uYGo-3xwSk5UU3B4STIvSFB3NlEyajAxUjVaY0VYVzlzQUYxV0thTlc5ZVA1eHhLR1NYVENyL0YvNlNUWUh3NkZ2bldzYVIrbzYzMmlvUFR1VlFGQTNpTCsveDJnVEo1cGdPVE5xR3o2Y3dJeDNJQmI5R3pRZjFGUnJlTX...
370 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uYGo-3xwSk5UU3B4STIvSFB3NlEyajAxUjVaY0VYVzlzQUYxV0thTlc5ZVA1eHhLR1NYVENyL0YvNlNUWUh3NkZ2bldzYVIrbzYzMmlvUFR1VlFGQTNpTCsveDJnVEo1cGdPVE5xR3o2Y3dJeDNJQmI5R3pRZjFGUnJlTXdOekdNZVQxKytvQldSdGZ1NTJ2a3RqT01MTFJJODllaTBEcHRsUG5maXRoRi9QNk9zdzN3d1dDVm9Jd0VyUWJQWEtmWmlPSUFqUnUzUTBaMVpyeGtOWE4zeVpoUXMxNXNjenNKcHRWOFNGSVMyL3gzdVRsd1ZETXErUlU2VXI2VVBEMkZVY3hufA&cppv=2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3e6297a42d20c71ca777f68400b7ebadec574018ca39062469821c99fec9a50f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1241156
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=uYGo-3xwSk5UU3B4STIvSFB3NlEyajAxUjVaY0VYVzlzQUYxV0thTlc5ZVA1eHhLR1NYVENyL0YvNlNUWUh3NkZ2bldzYVIrbzYzMmlvUFR1VlFGQTNpTCsveDJnVEo1cGdPVE5xR3o2Y3dJeDNJQmI5R3pRZjFGUnJlTXdOekdNZVQxKytvQldSdGZ1NTJ2a3RqT01MTFJJODllaTBEcHRsUG5maXRoRi9QNk9zdzN3d1dDVm9Jd0VyUWJQWEtmWmlPSUFqUnUzUTBaMVpyeGtOWE4zeVpoUXMxNXNjenNKcHRWOFNGSVMyL3gzdVRsd1ZETXErUlU2VXI2VVBEMkZVY3hufA&cppv=2
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
507739
content-length
0
expires
0
1009.json
id5-sync.com/g/v2/ 		599 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1009.json
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5008c5ece0fc4bfc91cc04ba0209a1c808c27835e6cb2859a336e5ab6f232da7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		75 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.80.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-80-63.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c434dd6ec2695636ee632be0021ace68f74ac6cf12b55a541398c81becdb8d45

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache
x-server
10.40.44.188
access-control-allow-credentials
true
content-length
75
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 10:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
31037
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127561
x-xss-protection
0
server
cafe
etag
1000764176958695900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 14 May 2024 10:37:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		534 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.visiontimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcd17d87223e4a3c2032ebf5197703e662d81c36f61f73e13667dacf2931d291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
expires
Mon, 15 May 2023 19:14:36 GMT
settings
syndication.twitter.com/ Frame 31C4 		870 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=e05b3d83e48654980e37561fd4d1219f5cc84978
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.visiontimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
6
date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 19:14:37 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
adb1681684377c71
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
f334bc0712286e3102da6fdc617d3c02d1a4cc876a89c5013a1677c699c5c03a
content-length
338
prebid
mp.4dex.io/ 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cf64f2803d13b3dd5fa49d8e9fbbd9808168fbf0885fa80379c95b0be4d2f2

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Mon, 15 May 2023 19:14:37 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1096
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c7db4752d6f8c05-EWR
expires
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		963 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1544e43ec27c6b71ef0760af8c4305e1d3edeee7c03138f2ee539b1a8580ac58
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 May 2023 19:14:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
888ab238-7867-4ee4-bd5f-4b3390f3ab1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.visiontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
main.js
sdki.truepush.com/sdk/v2.0.4/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:c200:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:52:06 GMT
content-encoding
gzip
via
1.1 ff8e36e5267cb39e0ce8c3df049957a6.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 04:37:19 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
1419751
etag
"3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
18934
x-amz-cf-id
cdghm9UYcuttaUFWsZ-LdlzJjZtl2pLdLACPiiQBzjEMB8aKuwYcUg==
/
www.googleadservices.com/pagead/conversion/464712619/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/464712619/?random=1684178076938&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&value=0&bttype=purchase&auid=2073693243.1684178077&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
20895e64fdd28d1b1259a68c123ab86947a12d0408ffdefb1060b9152b8c01c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1722
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.js
certify-js.alexametrics.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 19:14:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ZGakBdot6etu4G6EZpuxvs5n7SnYoHgoZ+OZ94Yt2Gm7JNyXjwoI1N3UBeu8a4GZd4UO5COJJQjIHqe0XDMobg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), bluetooth=(), screen-wake-lock=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c18::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83cea0e6811a07f7a7c0c7988ecce5ae88c7d68add131d570206723737ab607a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82063
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 May 2023 19:14:36 GMT
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:37:29 GMT
x-amz-version-id
1csbLMFc7N8qFgi0ob5NMtZKYwUpg97s
content-encoding
br
last-modified
Mon, 15 May 2023 18:23:00 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"72069307276fcd2627d025ae6854e9d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2227
x-amz-cf-id
B4cXLPqcDGUgXNatzUlFRjq3ZKmSOS1jUE3l_4hEDCXDZz1s_70oKw==
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 19:14:37 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
524044
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUptDFuizLiRnSzhSn4OB1o0%2BnLU86htim2P66aduMWbWSSiIsuV9FFx72%2F0eiDwc%2FxiuY%2Bwo4La3dgNdpRpBaQAxei9vdAP3UD1GwNqNX8RmEceSM7%2FoodRt0wyskwVxGaqPw6jjZfLqXIj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c7db4754e12425b-EWR
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.visiontimes.com&pubid=3461f73b-6362-4745-8a10-f16ffbdf676e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
7d023f18fa0dabb2d29a1926fe8e6e0f794724f4359ceb19869a409a1e7e98a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:04:59 GMT
via
1.1 0a864429e4c3205f41fe9901ea675d26.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P1
age
4177
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
4nHZHWV2Y5PJ0yCf3WW4xh_O4051lAJtaIHnXp4BG6YUo9F2wRAjMQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		670 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&pid=A29j3KeOvjUsg&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1637331984526-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_catfish%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331987129-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331990247-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_02%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331992487-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_03%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331996002-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222652677200%2Fvisiontimes_en%2Fdesktop_sidebar_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331998545-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222652677200%2Fvisiontimes_en%2Fdesktop_sidebar_02%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637332002034-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_top%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!152media.info%2C152M164%2C1%2C%2C%2C&pubid=3461f73b-6362-4745-8a10-f16ffbdf676e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.180.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-180-227.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
3b4ee1774ed4fa693e66c07b19a8c8a08ab1a977b5493e64b9a55be5ac6ef84b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ea282d6e9982c684c0e1bd42f4c43f3a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P2
x-amz-rid
R8KTWQD6Y8RJ6PHRFKQ7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
670
x-amz-cf-id
eECS996xaEodJ2LRm3Htd2mx4CD50mjmPpKpKJPp3x-RgS4WCCswnw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.164.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-164-236.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront)
date
Sun, 14 May 2023 23:42:38 GMT
x-amz-cf-pop
CMH68-P1
age
70320
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
EpJTsPvQwPBcO2PmydY8hZZcB2eIiz-tvOKm2duh1qxOEB3REU7t2Q==
22652677200
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22652677200?ers=3
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
466fa9d542d97ff29e7394170a360f14c03bcc1fbf79c0d14bae574dc3f11cab
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lfhAyDchtGkzCPF9ZHt6vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-lfhAyDchtGkzCPF9ZHt6vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
G1G0FG3MDD0YY9JZ
age
2974
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c7db475cc6717ad-EWR
x-amz-id-2
gZjEGIN/A+ELqGyZ+8g3bg5DG9j7POUhpHHdorZOVC70AJIPhmoUibez8s36Fa6LOoF7eEbLjng=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.31.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-31-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 19:14:37 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uYGo-3xwSk5UU3B4STIvSFB3NlEyajAxUjVaY0VYVzlzQUYxV0thTlc5ZVA1eHhLR1NYVENyL0YvNlNUWUh3NkZ2bldzYVIrbzYzMmlvUFR1VlFGQTNpTCsveDJnVEo1cGdPVE5xR3o2Y3dJeDNJQmI5R3pRZjFGUnJlTXdOekdNZVQxKytvQldSdGZ1NTJ2a3RqT01MTFJJODllaTBEcHRsUG5maXRoRi9QNk9zdzN3d1dDVm9Jd0VyUWJQWEtmWmlPSUFqUnUzUTBaMVpyeGtOWE4zeVpoUXMxNXNjenNKcHRWOFNGSVMyL3gzdVRsd1ZETXErUlU2VXI2VVBEMkZVY3hufA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
480932
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
static-103-231-212-226.ctrls.in
Software
/
Resource Hash
fbaac91675e4fb73e0e243081c362535d0160dd5713886ecd67d07b563d847f7
Security Headers
Name Value
Content-Security-Policy img-src * data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
img-src * data:
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 15 May 2023 19:14:38 GMT
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
X-XSS-Protection
0
Referrer-Policy
no-referrer
ETag
W/"440-gEXwGwkjIAH1gUSKTC9YzU08nwk"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Vary
Origin, X-HTTP-Method-Override, Accept-Encoding
X-Download-Options
noopen
Access-Control-Allow-Origin
https://www.visiontimes.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.31.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-31-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 15 May 2023 19:14:37 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
static-103-231-212-226.ctrls.in
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://www.visiontimes.com
Content-Length
0
Date
Mon, 15 May 2023 19:14:37 GMT
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
tweet.b81b6d7af2d75db873cff6099e4f433a.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2700
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Tue, 24 Jan 2023 21:41:06 GMT
etag
"09ec5707a836b9e4f4427dcddd1d0c64+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_bottom&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_bottom&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_catfish&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_catfish&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_01&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_01&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_02&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_02&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_03&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_03&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_sidebar_01&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=300x250%7C300x600&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_sidebar_01&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_sidebar_02&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=300x250%7C300x600&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_sidebar_02&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=%2F22652677200%2Fvisiontimes_en%2Fdesktop_top&evt=init&ts=1684178077056&pv_id=d1948add-db90-4d14-bbdf-bfab9bf3678b&amts=ban&asizes=728x90&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&auct_id=fbfd8915-fbdf-44ec-85f5-c91db858f9b0&auct_start=1684178076902&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1684178076180&partid=2023051519&bidders=adagio%2Csmartadserver%2Cappnexus&cpm=%2C%2C&cpm_adjst_rate=%2C%2C&net_rev=%2C%2C&cur=%2C%2C&cur_rate=%2C%2C&ttr=%2C%2C&bttr=%2C%2C&sts=%2C%2C&w=%2C%2C&h=%2C%2C&deal=%2C%2C&timeout=%2C%2C&won=%2C%2C&no_bid=%2C%2C&crea_id=%2C%2C&mt=%2C%2C&cat=&dvc=&env=&org_id=1096&pgtyp=&plcmt=%2F22652677200%2Fvisiontimes_en%2Fdesktop_top&site=visiontimes-com&subcat=&os=&brwsr=&u_ts=1684178076&adgjsv=1.16.2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
448123030045464
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448123030045464?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5daf3ddd0d8644eaaf32623d688bc566f5c0085f28fe8a3b9010fe243fe2343e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 19:14:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
B2BCOWDNkoHEMTnZP+MkU643Oa5hFvZzZWVTLzNDS+w/Kzzgbe+5ST24ykbVHsZVYMFnndPl3Yxm/c3UfrTLTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), bluetooth=(), idle-detection=(), screen-wake-lock=(), serial=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/464712619/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F202...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&value=0&auid=2073693243.1684178077&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPelljd3R6VkxxVEtGMTR3Q3RkemJvU1o1UnhFa3d2UEdKRVR0Zkpxc3g4SkFDUHcaWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMGVWbXVyNXpCV2gtNE5kd3E2b3pQWGtEbjVxVWdDMUNoWFVqQ0lfYlhWaW1vZGl6YmFPRUdQMWg&is_vtc=1&ocp_id=nYRiZJqqAcSF_gTEwrmQAw&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTf-DR0WceR6Gu4oK1huFrRi23FU8oZ9eKw&random=1640366969
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
2607:f8b0:400c:c0a::93 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/464712619/?random=1208201178&cv=11&fst=1684178076938&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&value=0&auid=2073693243.1684178077&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPelljd3R6VkxxVEtGMTR3Q3RkemJvU1o1UnhFa3d2UEdKRVR0Zkpxc3g4SkFDUHcaWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMGVWbXVyNXpCV2gtNE5kd3E2b3pQWGtEbjVxVWdDMUNoWFVqQ0lfYlhWaW1vZGl6YmFPRUdQMWg&is_vtc=1&ocp_id=nYRiZJqqAcSF_gTEwrmQAw&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTf-DR0WceR6Gu4oK1huFrRi23FU8oZ9eKw&random=1640366969
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7LEG9MJJ0Q&gtm=45je35a0&_p=1850740212&_gaz=1&cid=581514505.1684178077&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684178077&sct=1&seg=0&dl=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&dt=Celebrities%2C%20Internet%20Personalities%20Open%20Their%20Wallets%20to%20Fund%20Daniel%20Penny%E2%80%99s%20Defense%20-%20Vision%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_author=Todd%20Crawford
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LEG9MJJ0Q&cid=581514505.1684178077&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0c::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAD9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153820
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 15 May 2023 19:14:37 GMT
expires
Wed, 17 May 2023 13:58:17 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Tweet.html
platform.twitter.com/embed/ Frame D47E 		345 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
etag
"d2097f657a50da1069b7639b48992214+gzip"
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kcgs7200061-IAD
Tweet.html
platform.twitter.com/embed/ Frame 0FD4 		345 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
etag
"d2097f657a50da1069b7639b48992214+gzip"
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kcgs7200061-IAD
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
6aa04e96e8956a78e9c23c30c7e45deb74c804705d48cdc67b825695174406a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.visiontimes.com
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
embed.runtime.232343e99e6d76cfc54c.js
platform.twitter.com/embed/ Frame D47E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4270
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"e01f8ab700f24c66fe2636ef6d898fe2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.7796.bcf3cda3b2793b041a6f.js
platform.twitter.com/embed/ Frame D47E 		541 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
178589
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"181758f65a236af2b7df8253478be162+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.Tweet.54eb639af55e6d874411.js
platform.twitter.com/embed/ Frame D47E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.54eb639af55e6d874411.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6411
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"61f75b72f1cc66571c698582adc626d8+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.runtime.232343e99e6d76cfc54c.js
platform.twitter.com/embed/ Frame 0FD4 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4270
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"e01f8ab700f24c66fe2636ef6d898fe2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.7796.bcf3cda3b2793b041a6f.js
platform.twitter.com/embed/ Frame 0FD4 		541 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
178589
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"181758f65a236af2b7df8253478be162+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.Tweet.54eb639af55e6d874411.js
platform.twitter.com/embed/ Frame 0FD4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.54eb639af55e6d874411.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6411
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"61f75b72f1cc66571c698582adc626d8+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448123030045464&ev=PageView&dl=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&rl=&if=false&ts=1684178077238&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684178077237.1974872171&it=1684178077071&coo=false&rqm=GET
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 May 2023 19:14:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame BAD9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12536178&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1e1306d384cb6f515c0d7a3d47ff5037158f59dd6b476c8029a68429bb77063f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 19:14:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AGSKWxUoCxwS8Y6TO3NP2w6mck2dc3DlrA-0rqpL1hMLt9yRY3eHkkdYGOcl-63bXVszfq0htAdNjvkGCRETV7pWeg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUoCxwS8Y6TO3NP2w6mck2dc3DlrA-0rqpL1hMLt9yRY3eHkkdYGOcl-63bXVszfq0htAdNjvkGCRETV7pWeg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTc4MDc3LDMwMDAwMDAwMF0sIkZEMEEzQjk5LTMxODMtNEVEQy05Mzk2LUNGNjlGMEEwNkM2QyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnZpc2lvbnRpbWVzLmNvbS8yMDIzLzA1LzE1L2NlbGVicml0aWVzLWludGVybmV0LXBlcnNvbmFsaXRpZXMtb3Blbi10aGVpci13YWxsZXRzLXRvLWZ1bmQtZGFuaWVsLXBlbm55cy1kZWZlbnNlLmh0bWwiLG51bGwsW1s4LCJPRlpFR3I4aVdLMCJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c43af58cde25e8d8df0c92e5554bb499a60788f40c136444a0b4d8f617e3b2a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9x6SI0P5DY3xKZ6rqOk9Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9x6SI0P5DY3xKZ6rqOk9Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame D47E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6789
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
platform.twitter.com/embed/ Frame D47E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
1519
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"9b4625539e420d3aa9e7164c41134250+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
platform.twitter.com/embed/ Frame D47E 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
11068
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"d9721c440687123317b741f7ee34aefb+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.visiontimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c14::9a Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame 0FD4 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
6789
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
platform.twitter.com/embed/ Frame 0FD4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
1519
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"9b4625539e420d3aa9e7164c41134250+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
platform.twitter.com/embed/ Frame 0FD4 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
11068
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"d9721c440687123317b741f7ee34aefb+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
iu3
s.amazon-adsystem.com/ Frame 6E97
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
370 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1b5d32e056bc3ab72bddd2b3d3a1ae15ee13afae22636867109a660cfea064ad
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
370
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N7T0W2JFY2ZYC0T2MKK5

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KRF1BDTPCAZDY9V485PF
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939223877380307&correlator=1510331046660767&eid=31072019%2C31074524%2C31074542%2C31074544&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_02&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=1&adks=2760202181&didk=712528481&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684178077462&lmt=1684178077&dlt=1684178076383&idt=618&adxs=1069&adys=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&frm=20&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=581514505.1684178077&ga_sid=1684178077&ga_hid=1850740212&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dedfa3cefe6af2ded8b1839d92d2f928c6a1c5359bcd247a0ff28b0b14610cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13770
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ED2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c12::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 19:14:37 GMT
expires
Tue, 14 May 2024 19:14:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939223877380307&correlator=1510331046660767&eid=31072019%2C31074524%2C31074542%2C31074544&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=2296131749&didk=2870634651&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684178077476&lmt=1684178077&dlt=1684178076383&idt=618&adxs=436&adys=30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&frm=20&vis=1&psz=1600x150&msz=1600x90&fws=4&ohw=1600&ga_vid=581514505.1684178077&ga_sid=1684178077&ga_hid=1850740212&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97d3a1f785335ca684363a71653825817fb87578e6cc36b885614a5bb469a17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17385
x-xss-protection
0
google-lineitem-id
6248293137
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426273959
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939223877380307&correlator=1510331046660767&eid=31072019%2C31074524%2C31074542%2C31074544&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_catfish&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=3176531151&didk=2584957841&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684178077481&lmt=1684178077&dlt=1684178076383&idt=618&adxs=436&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&frm=20&vis=1&psz=1600x-1&msz=1598x-1&fws=512&ohw=0&ga_vid=581514505.1684178077&ga_sid=1684178077&ga_hid=1850740212&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
513fa8fb5152c6d2ee561f013f5ee5f10fae26f24864f8b0a5e4d09f8f9a5a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13181
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=939223877380307&correlator=1510331046660767&eid=31072019%2C31074524%2C31074542%2C31074544&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&adks=3438327699&didk=2376093582&sfv=1-0-40&prev_scp=amzniid%3DJBG0WWoee4ii4M5s1gAkpfwAAAGIINYGZgEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICARweDx%26amznp%3Dqttzwg%26amznsz%3D300x250%26amznbid%3D122djwg&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684178077485&lmt=1684178077&dlt=1684178076383&idt=618&adxs=1069&adys=728&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&frm=20&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=581514505.1684178077&ga_sid=1684178077&ga_hid=1850740212&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e253cf6ef58d361e7561f124f7048dd35f38736495dcc3f3dca368105f500448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17413
x-xss-protection
0
google-lineitem-id
6122896206
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425427223
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
922.json
id5-sync.com/g/v2/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/922.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
266582ebd78658e727e305cd41e2322d7f609f05d9085d5c07b5155a1ef0db72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B451 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 4BFF
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266265019291
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266265019291
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 15 May 2023 19:14:37 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907266265019291
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame D3A4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
53E7FT942GM2BXPA3X41

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EGQ5E8G7BK6GS7VXQM6W
Pug
image2.pubmatic.com/AdServer/ Frame 1604
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCLVRFN0l4UWtBQUJfelZyVGY3Zw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB-TE7IxQkAAB_zVrTf7g&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB-TE7IxQkAAB_zVrTf7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3844925642332914185&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB-TE7IxQkAAB_zVrTf7g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3844925642332914185%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3844925642332914185&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAB-TE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB-TE7IxQkAAB_zVrTf7g&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB-TE7IxQkAAB_zVrTf7g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 19:14:38 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB-TE7IxQkAAB_zVrTf7g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D4C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84f96462-849e-4a00-948a-e81395bd6a4e&gdpr=0&gdpr_consent=
42 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84f96462-849e-4a00-948a-e81395bd6a4e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Mon, 15 May 2023 19:14:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master iad-pixel-x29 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:84f96462-849e-4a00-948a-e81395bd6a4e&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 73E0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bc1e3022-f354-11ed-911c-92a7124e64ef
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bc1e3022-f354-11ed-911c-92a7124e64ef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 15 May 2023 19:14:37 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bc1e3022-f354-11ed-911c-92a7124e64ef
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame 79D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5238790058226081324&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5238790058226081324&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
569cef48-78cd-41e2-8b06-02192e659f27
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5238790058226081324&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame BE18
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
42 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 15 May 2023 19:14:37 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
141
match.deepintent.com/usersync/ Frame 74D1 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 15 May 2023 19:14:37 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
usersync.aspx
dis.criteo.com/dis/ Frame 3DED 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 19:14:37 GMT
expires
Mon, 15 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
498936
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 31E5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6dGh8dJn1PYDEx5&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6dGh8dJn1PYDEx5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6dGh8dJn1PYDEx5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0c232961b367b3e6e@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame BB2E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
568 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 19:14:37 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 19:14:37 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame DE0A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0a68a137-55bc-4e9c-8e35-27f2fe51e345&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.122.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-122-89.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:37 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 15 May 2023 19:14:36 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1184
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 19:14:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EF77
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 15 May 2023 19:14:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 32DE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780031241462
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780031241462
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780031241462
setuid
u.4dex.io/ Frame 8F24 		0
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 May 2023 19:14:37 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r8j4YDTnQ1G-WJoeD4DqDA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=153820
accept-ranges
bytes
content-length
5554
expires
Wed, 17 May 2023 13:58:17 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame BAD9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9ded1e15-51d8-4d7d-a753-c83028365f39&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9ded1e15-51d8-4d7d-a753-c83028365f39&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9ded1e15-51d8-4d7d-a753-c83028365f39&ttd_puid=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame BAD9
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame BAD9
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=fd44d589-8c31-4a5b-b0e8-a60a09026853
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=fd44d589-8c31-4a5b-b0e8-a60a09026853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.193.215.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-215-195.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 15 May 2023 19:14:37 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=fd44d589-8c31-4a5b-b0e8-a60a09026853
date
Mon, 15 May 2023 19:14:37 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUZDOEY4NjAtMzRFNy00MzUxLUJFNTgtOUExRTBGODBFQTBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNrZV5j0mC7AbkWMP-ETck&google_cver=1
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNrZV5j0mC7AbkWMP-ETck&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNrZV5j0mC7AbkWMP-ETck&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8B186010B4F24A0C8B19B031EF91F199
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8B186010B4F24A0C8B19B031EF91F199
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8B186010B4F24A0C8B19B031EF91F199
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 May 2023 19:14:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3600827481373604381&gdpr=0&gdpr_consent=&us_privacy=
1 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3600827481373604381&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3600827481373604381&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dcb5yfBE2uUv3.5X.T3JGYCf_M7sup0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dcb5yfBE2uUv3.5X.T3JGYCf_M7sup0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:00:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dcb5yfBE2uUv3.5X.T3JGYCf_M7sup0-~A&gdpr=0
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BAD9 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AFC8F860-34E7-4351-BE58-9A1E0F80EA0C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:c104:fcd:17de:de96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1eb8a53a603614c6&is_secure=true&networkId=17100&version=1&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIn65qZSU8UQNkWOUvAAAAAAA&expiration=1684264478&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&...
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIn65qZSU8UQNkWOUvAAAAAAA&expiration=1684264478&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIn65qZSU8UQNkWOUvAAAAAAA&expiration=1684264478&nuid=AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b979531c-bbbd-42e7-bb34-08db7f10ced8&gdpr=0&gdpr_consent=
1 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b979531c-bbbd-42e7-bb34-08db7f10ced8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b979531c-bbbd-42e7-bb34-08db7f10ced8&gdpr=0&gdpr_consent=
Date
Mon, 15 May 2023 19:14:37 GMT
Connection
keep-alive
X-CI-RTID
b6d37c8f-8410-453d-a765-a67c15c4a243
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4ced5336-0ea6-4dee-82f9-4ae81116ed89&ssp=pubmatic&expires=30&user_group=5&bsw_param=a1c7c0cc-1b29-4d10-8861-b07931a64433
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1c7c0cc-1b29-4d10-8861-b07931a64433&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 15 May 2023 19:14:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame BAD9
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102B97382_68C2E078&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
38.68.201.140 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-367182878; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 15 May 2023 19:14:37 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-367182878; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:37 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame BAD9 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.4.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-4-30.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BAD9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5433832718340559967
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5433832718340559967
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 19:14:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5433832718340559967
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
AGSKWxXdxOm1rrpgsHpY2a7hp-QFnkCWm8w_gg8JQgGOLX4-Em5phtt9szjB_mSIjdfXecWzLPX1GCfse_MOkqMhrn2OS81_O0mnAm15BXL752-b3S9UP4h_tu0T9GqqADJ5BoNcXlUw
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXdxOm1rrpgsHpY2a7hp-QFnkCWm8w_gg8JQgGOLX4-Em5phtt9szjB_mSIjdfXecWzLPX1GCfse_MOkqMhrn2OS81_O0mnAm15BXL752-b3S9UP4h_tu0T9GqqADJ5BoNcXlUw?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTc4MDc3LDU2NjAwMDAwMF0sIkZEMEEzQjk5LTMxODMtNEVEQy05Mzk2LUNGNjlGMEEwNkM2QyIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMl0sImh0dHBzOi8vd3d3LnZpc2lvbnRpbWVzLmNvbS8yMDIzLzA1LzE1L2NlbGVicml0aWVzLWludGVybmV0LXBlcnNvbmFsaXRpZXMtb3Blbi10aGVpci13YWxsZXRzLXRvLWZ1bmQtZGFuaWVsLXBlbm55cy1kZWZlbnNlLmh0bWwiLG51bGwsW1s4LCJPRlpFR3I4aVdLMCJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd72bde488a217bf2a5af538455b9eaee01538d383f35b504e0759e8a9461482
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8dt71LrN7jJ94HB8pAjo1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8dt71LrN7jJ94HB8pAjo1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
embed.5644.a53236fb4061481eff44.js
platform.twitter.com/embed/ Frame D47E 		275 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
86309
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"fffbc835ce5ea74b50841277f004ec87+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
platform.twitter.com/embed/ Frame D47E 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
19182
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"78eb335064b247abbd726915a1908ad4+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.5644.a53236fb4061481eff44.js
platform.twitter.com/embed/ Frame 0FD4 		275 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
86309
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"fffbc835ce5ea74b50841277f004ec87+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
platform.twitter.com/embed/ Frame 0FD4 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
19182
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"78eb335064b247abbd726915a1908ad4+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
tweet-result
cdn.syndication.twimg.com/ Frame D47E 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1658097052083970050&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) / Express
Resource Hash
e3e83b75cf467cca5fe56d85cf4537e08f346153fea2ef35a62e82bedacf414a
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=631138519
age
43
x-powered-by
Express
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1543
x-xss-protection
0
x-response-time
34
last-modified
Mon, 15 May 2023 19:13:54 GMT
server
ECS (nyb/1D0D)
etag
W/"1754-13CFpm62bhx6+h9gbpXlPI6dwm0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
a28c65efc8ff67b1
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
6caf4d0ee94d88fbe135b0c7864e548a697d08e5008892cffe1b1fa63f7cd35a
accept-ranges
bytes
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
pr
s.amazon-adsystem.com/v3/ Frame ADCE 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9da52faec6701f465e4f9d2e3edc8d69fb0913204dfe96cbd8cf835b4da7bf78
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3205
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 May 2023 19:14:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9T41C4V75Z94D8REFKGB
tweet-result
cdn.syndication.twimg.com/ Frame 0FD4 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1657212176178855939&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0E) / Express
Resource Hash
57e302cbd822a261cda9cf3fa747ef1beb8bf00acda6f79d76f007a2d7b44216
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=631138519
age
50
x-powered-by
Express
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1529
x-xss-protection
0
x-response-time
42
last-modified
Mon, 15 May 2023 19:13:47 GMT
server
ECS (nyb/1D0E)
etag
W/"170b-5JmWp8Os/aO1PQLCiIKW94+JDsM"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
e32b680fa45256ea
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
56e1f76111f7ee78fec553a4888489cb72207a13799c5f3eecd3de8f5209f566
accept-ranges
bytes
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
ecm3
s.amazon-adsystem.com/ Frame ADCE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?id=AAB-TE7IxQkAAB_zVrTf7g&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAB-TE7IxQkAAB_zVrTf7g&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J1YWC6E7FS47W0QQC5F8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAB-TE7IxQkAAB_zVrTf7g&ex=beeswax.com
Date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame ADCE
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ac5f9951
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ac5f9951
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BFCSR2XMA164J2PQ2VC3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 19:14:37 GMT
via
1.1 a5d336173547b6dd7fc78ab1ca70f12a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=ac5f9951
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cEMncEyyPvqM1UNf-xfopHVkAH6QgC5hG9aS3uCw48_ON6It7RF_Vw==
/
onetag-sys.com/match/ Frame ADCE 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame ADCE
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=8B186010B4F24A0C8B19B031EF91F199&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8B186010B4F24A0C8B19B031EF91F199&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z9R70ET6M0ANCF9F6J4X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=8B186010B4F24A0C8B19B031EF91F199&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 May 2023 19:14:38 GMT
embed.4384.d53eef7ab8f79aa4e703.js
platform.twitter.com/embed/ Frame D47E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.4384.d53eef7ab8f79aa4e703.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69c1ee662af72e770d4e2fb06732b3a4a7fe69e9ed6f01b6bc9cda4cb077357

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4211
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"667b1857275fdf15ab6ebeed943928a5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.6387.77d90dda9fac16610d27.js
platform.twitter.com/embed/ Frame D47E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.6387.77d90dda9fac16610d27.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0268cdb70a38d6d5f08308884d07ffc2bdef635c0658d134e1a7d2ba2f1cf5c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
3396
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"5b5de734baa237eec11d8149e5cc84c1+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.6404.09c1aa1cb08d1f4265a0.js
platform.twitter.com/embed/ Frame D47E 		437 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.6404.09c1aa1cb08d1f4265a0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c366f3a0be47d8f92a9000fd3bebadd47200f8a260a04f2a4e6d76c374214c0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
116153
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"62b1a10970a6541009dd3c16e77d7263+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Card.b811d3a9dc7162086a35.js
platform.twitter.com/embed/ Frame D47E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Card.b811d3a9dc7162086a35.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe7ed849b743afe9beee14126199ea23ba03538787efa192ea7ff3e0bfb71188

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
908
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"92e145318025c22d7c3fed438ec5a156+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embeds
syndication.twitter.com/i/jot/ Frame D47E 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684178077892%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221658097052083970050%22%5D%2C%22item_details%22%3A%7B%221658097052083970050%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
6
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 19:14:37 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
a2b8f4b6cd5e3de1
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
f334bc0712286e3102da6fdc617d3c02d1a4cc876a89c5013a1677c699c5c03a
content-length
43
embed.4384.d53eef7ab8f79aa4e703.js
platform.twitter.com/embed/ Frame 0FD4 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.4384.d53eef7ab8f79aa4e703.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69c1ee662af72e770d4e2fb06732b3a4a7fe69e9ed6f01b6bc9cda4cb077357

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
4211
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"667b1857275fdf15ab6ebeed943928a5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.6387.77d90dda9fac16610d27.js
platform.twitter.com/embed/ Frame 0FD4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.6387.77d90dda9fac16610d27.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0268cdb70a38d6d5f08308884d07ffc2bdef635c0658d134e1a7d2ba2f1cf5c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
3396
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"5b5de734baa237eec11d8149e5cc84c1+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.6404.09c1aa1cb08d1f4265a0.js
platform.twitter.com/embed/ Frame 0FD4 		437 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.6404.09c1aa1cb08d1f4265a0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c366f3a0be47d8f92a9000fd3bebadd47200f8a260a04f2a4e6d76c374214c0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
116153
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"62b1a10970a6541009dd3c16e77d7263+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Card.b811d3a9dc7162086a35.js
platform.twitter.com/embed/ Frame 0FD4 		2 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Card.b811d3a9dc7162086a35.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe7ed849b743afe9beee14126199ea23ba03538787efa192ea7ff3e0bfb71188

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:37 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
908
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"92e145318025c22d7c3fed438ec5a156+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embeds
syndication.twitter.com/i/jot/ Frame 0FD4 		43 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684178077939%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221657212176178855939%22%5D%2C%22item_details%22%3A%7B%221657212176178855939%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
6
date
Mon, 15 May 2023 19:14:37 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 19:14:37 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
72689b8e1bc8e1dd
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
f334bc0712286e3102da6fdc617d3c02d1a4cc876a89c5013a1677c699c5c03a
content-length
43
/
www.facebook.com/tr/ Frame 2B13 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.visiontimes.com
Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.visiontimes.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 19:14:37 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
usermatch
ssum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
18ca411a5940f1699389ca08fa3a0173cb29d00c3d04726ca532e6519b847e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1903
Content-Type
text/html
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ecm3
s.amazon-adsystem.com/ Frame F487
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3377001389364036220&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3377001389364036220&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
22TE853ESKV46B22AG9H

Redirect headers

content-length
0
date
Mon, 15 May 2023 19:14:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3377001389364036220&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame E03D
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-2d5cJFu0fjqbtphLQ3asaYqOHoPpUe6BhWORRyEpMg
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-2d5cJFu0fjqbtphLQ3asaYqOHoPpUe6BhWORRyEpMg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JW05APRQVSXX3YPQYWEM

Redirect headers

date
Mon, 15 May 2023 19:14:37 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-2d5cJFu0fjqbtphLQ3asaYqOHoPpUe6BhWORRyEpMg
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame 7FAC
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4527078dd50c14c6&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHFJ6azbnzJgN0UYwLAAAAAAA&expiration=1684264478&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHFJ6azbnzJgN0UYwLAAAAAAA&expiration=1684264478&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H6GRMKMESYX8G1D6N9MK

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 15 May 2023 19:14:38 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHFJ6azbnzJgN0UYwLAAAAAAA&expiration=1684264478&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame C550 		427 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.38.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-37.compute-1.amazonaws.com
Software
/
Resource Hash
8c1c37f88b414e3253ba00b858539d6b37d45a42d1997d6c9722a71925824b48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Mon, 15 May 2023 19:14:38 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame F7B2 		957 B
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.47.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-47-217.compute-1.amazonaws.com
Software
/
Resource Hash
88d0d43b3282611a985006450920215805727a36b640118614100896a05d6703

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 15 May 2023 19:14:38 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 5015 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 May 2023 19:14:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 44AC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JdHAyaTVSRTJ1THh5bWVOZEExQkhtdHBaM2RiX0lVOX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JdHAyaTVSRTJ1THh5bWVOZEExQkhtdHBaM2RiX0lVOX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6ASQPJ9DJDV99R45BBCC

Redirect headers

age
0
content-length
0
date
Mon, 15 May 2023 19:14:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JdHAyaTVSRTJ1THh5bWVOZEExQkhtdHBaM2RiX0lVOX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
amazon
ce.lijit.com/beacon/ Frame 199D
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cdee63d72ac76a05d78dc43fa57f4d4b83b9df318002159648e7ab936c7e3ad4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
508
Content-Type
text/html
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
PQ7C3PWNDT5PQ85P
age
2973
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c7db47b9abb17ad-EWR
x-amz-id-2
y02Rj1RI08s4c4IfxSvT8R7dwTQfftImI35bDj4GYvrtNME+6uGlbu5OiSAv0wULKS2pzUchies=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
content-encoding
br
age
22462
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-lga21958-LGA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
45743643f59f16035654fdd211460a86c9b3572ef7faaa109a8d41350ee624d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 May 2023 09:44:47 GMT
server
nginx
etag
W/"645cb90f-a938"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 May 2023 19:14:38 GMT
SIzmWW9p_normal.jpg
pbs.twimg.com/profile_images/1554464415944249346/ Frame D47E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1554464415944249346/SIzmWW9p_normal.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c68d890e609a033fe79187db62bdf52c097db5830fcf6a32b5da96b1c5afe5f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1959
x-served-by
cache-fty21339-FTY, cache-lga21950-LGA, cache-tw-ZZZ1
last-modified
Tue, 02 Aug 2022 13:47:31 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
aeaad9026569a1b9
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ecm3
s.amazon-adsystem.com/ Frame D136
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2219360552203096644640
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2219360552203096644640
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 19:14:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KAVFAJT927CWMZFSR12Z

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 May 2023 19:14:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2219360552203096644640
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
YJj-7vbw_normal.jpg
pbs.twimg.com/profile_images/1604922472788361243/ Frame 0FD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1604922472788361243/YJj-7vbw_normal.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e21e5736e7ba932e78de6ff5300d956c21505f13965d6a083a40c35ae568b81d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2339
x-served-by
cache-fty21357-FTY, cache-lga21950-LGA, cache-tw-ZZZ1
last-modified
Mon, 19 Dec 2022 19:29:50 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
1d906685df5a877a
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
usync.js
eus.rubiconproject.com/ Frame 5015 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2e6d92f0118d445dfdde3874d9d440d55baa2f68a4926b68d350d362c4fd787a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 19:14:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2023 02:58:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27793
Connection
keep-alive
Content-Length
10020
Expires
Tue, 16 May 2023 02:57:51 GMT
ecm3
s.amazon-adsystem.com/ Frame F7B2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g2c1af3b0a649612876b
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FE2S8DM7QY7T50BSF63W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame F7B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=5238790058226081324&pn_id=an
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=5238790058226081324&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.100.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-100-121.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Mon, 15 May 2023 19:14:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7661fffb-f072-4c9e-a671-a06b0cbb009b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=5238790058226081324&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F7B2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g2c1af3b0a649612876b
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5238790058226081324&pt=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5238790058226081324&pt=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Mon, 15 May 2023 19:14:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
66085171-48fc-4702-9665-ed9d92473b87
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5238790058226081324&pt=5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F7B2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzJjMWFmM2IwYTY0OTYxMjg3NmI=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.210.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vn-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame F7B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDd0rKJ4zEEBCvGCNdMQ_ig&google_cver=1
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDd0rKJ4zEEBCvGCNdMQ_ig&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.100.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-100-121.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEDd0rKJ4zEEBCvGCNdMQ_ig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame F7B2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LHP856MI-1I-KK08
43 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LHP856MI-1I-KK08
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.214.100.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-100-121.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LHP856MI-1I-KK08
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame C6B8 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:37:29 GMT
x-amz-version-id
1csbLMFc7N8qFgi0ob5NMtZKYwUpg97s
content-encoding
br
last-modified
Mon, 15 May 2023 18:23:00 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"72069307276fcd2627d025ae6854e9d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2229
x-amz-cf-id
IghJWBeXwndngFwMlUz_63SXhffnxDeSjBzUDq_NXKHbVdfEoGkhhA==
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame CE94 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:37:29 GMT
x-amz-version-id
1csbLMFc7N8qFgi0ob5NMtZKYwUpg97s
content-encoding
br
last-modified
Mon, 15 May 2023 18:23:00 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"72069307276fcd2627d025ae6854e9d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2229
x-amz-cf-id
wqaOnZ5RXWvvFHV92D7dLGTQS4DiTeQB_8n4wDI8PWuL-qP-ceg3tg==
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame EB61 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:37:29 GMT
x-amz-version-id
1csbLMFc7N8qFgi0ob5NMtZKYwUpg97s
content-encoding
br
last-modified
Mon, 15 May 2023 18:23:00 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"72069307276fcd2627d025ae6854e9d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2229
x-amz-cf-id
Ud3BXWICpPz7tuhMQPIJpL85dEftmyDU6XAre1yVNDW9at9E6cH-lQ==
rum
dsum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&expiration=1686770078&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&expiration=1686770078&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&expiration=1686770078&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGKEnonZraFhHhu2nwTybAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFdaWha1Fo2Fhhdh3itOwwk&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFdaWha1Fo2Fhhdh3itOwwk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFdaWha1Fo2Fhhdh3itOwwk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAoj9x0m3gbn_okBJxrrGz4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAoj9x0m3gbn_okBJxrrGz4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEAoj9x0m3gbn_okBJxrrGz4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DBDC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NGP7TMGH4080MG4RN1TB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84f96462-849e-4a00-948a-e81395bd6a4e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84f96462-849e-4a00-948a-e81395bd6a4e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 15 May 2023 19:14:38 GMT
Server
MT3 851 9bd98ae master iad-pixel-x15 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=84f96462-849e-4a00-948a-e81395bd6a4e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 15 May 2023 19:14:37 GMT
rum
dsum.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2bf042e10f981846&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHFJ6azbnzNwNk0r4rAAAAAAA&expiration=1684264478&is_secure=true
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHFJ6azbnzNwNk0r4rAAAAAAA&expiration=1684264478&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHFJ6azbnzNwNk0r4rAAAAAAA&expiration=1684264478&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6dGh8dJn1PYDEx5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6dGh8dJn1PYDEx5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-076b5a369871c3954@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6dGh8dJn1PYDEx5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBDC
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGKEnonZraFhHhu2nwTybAAA%263429&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c561c36a-05cd-4440-b6f6-efee0edf1a72-tuctb5c0a1e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c561c36a-05cd-4440-b6f6-efee0edf1a72-tuctb5c0a1e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c561c36a-05cd-4440-b6f6-efee0edf1a72-tuctb5c0a1e
date
Mon, 15 May 2023 19:14:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11499
ecm3
s.amazon-adsystem.com/ Frame DBDC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KPJKG4K7Q6W0WBJKRK90
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame C550 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=078b28bf-8d47-4199-bdcb-b33b17d36d52
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
42SFGP092M5QB6F9VQYF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C550
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=cwEnbd6q8UIf6KZcn_UQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=cwEnbd6q8UIf6KZcn_UQ
68 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=cwEnbd6q8UIf6KZcn_UQ
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.38.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-37.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=cwEnbd6q8UIf6KZcn_UQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame C550
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.38.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-37.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame C550
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134&gdpr=&gdpr_consent=
68 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134&gdpr=&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.38.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-37.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a$ip$5.181.234.134&gdpr=&gdpr_consent=
Date
Mon, 15 May 2023 19:14:38 GMT
Connection
keep-alive
Content-Length
199
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame C550
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.212.38.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-38-37.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usync.html
eus.rubiconproject.com/ Frame 39BB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 May 2023 19:14:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 May 2023 19:14:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 199D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GprCiPZHxyTrprMOQMCZ6PcE&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
931KYZVTBMNA18GCAVH7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 199D
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GprCiPZHxyTrprMOQMCZ6PcE&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=ZGKEnocZEk8VGWQqRSr7mnCi
43 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=ZGKEnocZEk8VGWQqRSr7mnCi
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 19:14:38 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=ZGKEnocZEk8VGWQqRSr7mnCi
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
9b645a296ab2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 199D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D3cc06a...
  • https://ce.lijit.com/merge?pid=16&3pid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 199D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5238790058226081324&gdpr=0&gdpr_consent=
43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5238790058226081324&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 15 May 2023 19:14:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.181.234.134; 5.181.234.134; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fe3e0314-2029-462b-a63f-a004adee5147
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=5238790058226081324&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 199D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=bM0hJWLNLnN3wHMkY5w6JGPNIy53wSYnaMk-dIJU
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=bM0hJWLNLnN3wHMkY5w6JGPNIy53wSYnaMk-dIJU
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=bM0hJWLNLnN3wHMkY5w6JGPNIy53wSYnaMk-dIJU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame 199D 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.visiontimes.com
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
SIzmWW9p_normal.jpg
pbs.twimg.com/profile_images/1554464415944249346/ Frame D47E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1554464415944249346/SIzmWW9p_normal.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c68d890e609a033fe79187db62bdf52c097db5830fcf6a32b5da96b1c5afe5f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1959
x-served-by
cache-fty21339-FTY, cache-lga21950-LGA, cache-tw-ZZZ1
last-modified
Tue, 02 Aug 2022 13:47:31 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
aeaad9026569a1b9
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
YJj-7vbw_normal.jpg
pbs.twimg.com/profile_images/1604922472788361243/ Frame 0FD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1604922472788361243/YJj-7vbw_normal.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e21e5736e7ba932e78de6ff5300d956c21505f13965d6a083a40c35ae568b81d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2339
x-served-by
cache-fty21357-FTY, cache-lga21950-LGA, cache-tw-ZZZ1
last-modified
Mon, 19 Dec 2022 19:29:50 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
1d906685df5a877a
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
syncframe
gum.criteo.com/ Frame 8113 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.visiontimes.com&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 19:14:38 GMT
server
Kestrel
server-processing-duration-in-ticks
738881
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
embed.ondemand.Dropdown.c0a535df7d1870aad9cb.js
platform.twitter.com/embed/ Frame D47E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Dropdown.c0a535df7d1870aad9cb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97eec64c82270abd3007d7422bb5bdadb7e5284d214927ee9f1178a239409918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1658097052083970050&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2338
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"93dca47e269dfed26ff74f2631f0c7d2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
embed.ondemand.Dropdown.c0a535df7d1870aad9cb.js
platform.twitter.com/embed/ Frame 0FD4 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Dropdown.c0a535df7d1870aad9cb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97eec64c82270abd3007d7422bb5bdadb7e5284d214927ee9f1178a239409918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1657212176178855939&lang=en&origin=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html&sessionId=e05b3d83e48654980e37561fd4d1219f5cc84978&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2338
x-served-by
cache-iad-kcgs7200061-IAD
last-modified
Fri, 28 Apr 2023 20:58:50 GMT
etag
"93dca47e269dfed26ff74f2631f0c7d2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame F728 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:b000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:37:29 GMT
x-amz-version-id
1csbLMFc7N8qFgi0ob5NMtZKYwUpg97s
content-encoding
br
last-modified
Mon, 15 May 2023 18:23:00 GMT
server
AmazonS3
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"72069307276fcd2627d025ae6854e9d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2229
x-amz-cf-id
dn36LJnLn7UvupelVztYS1A0e9suZXgVxZo34XnnWWVw9F9-xiK9Rw==
usync.js
eus.rubiconproject.com/ Frame 39BB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2e6d92f0118d445dfdde3874d9d440d55baa2f68a4926b68d350d362c4fd787a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 19:14:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2023 02:58:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27793
Connection
keep-alive
Content-Length
10020
Expires
Tue, 16 May 2023 02:57:51 GMT
init
gw.geoedge.be/api/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:e000:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 19:14:38 GMT
via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
oSGXx8A-2ea1lj_PROnoj5EFOrph7uelpm8RIlBv4SnPv3rblR9wwg==
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame CE94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXadigKpSK6Pipn-teKWONE-JVf_UTQTumCfA4VuyT5kUaFfaWsfie67TnBUw_tf3WpJEGH8ZN6CURQXjxQgEkQV0i-n-EiKgqUwtjbqHPLTQEN7NX6kKiWrV2c34kUuq4TvUjSP-FZ-bcr9pVpOXVdbKjUiecP6VXFltsp0wZmM73ihxbl6AA6D5nl2yj7YpN851pKavJ2YsSNDr3p4Ar2Xr1zkPYBjEy8LX3pfAzoDR3jP9Cp6sqC5eCfjUxq-7q8N_lLBMw3MYW1QlKJjeAfUoQxpcW5hiaiIVub2HxnH9cmzQToTyVVeh9mGRy_Kv_MNSYs9EQwQgJOztLIAH3gVOhkA&sai=AMfl-YR1xpIRw6dgeeV9nINfK105sdpF_Iy7azBBP_CVrIvb-P7jOXah42l6mNsUWsKKYhWuuMksEjLouw08nThv-zWv6uTP11cjEHxlhcT-cHluC4nAstkQ7spZTrxTwA&sig=Cg0ArKJSzG7Uk8UsSc_cEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame CE94 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 04:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 04:03:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CE94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 04:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
51582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 04:54:56 GMT
l
www.google.com/ads/measurement/ Frame CE94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQccqurKo_EajRj1KGGHZAVjplLMLPiVuBOr6CmjCHKC2RadUHSbqHrrZptVdh0RKvCVe3UUCldAD6_rtkLlfDI930_Sw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::93 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE94 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 19:14:38 GMT
5356390243999610093
tpc.googlesyndication.com/simgad/ Frame CE94 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5356390243999610093
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97471
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 20:38:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 May 2024 19:14:38 GMT
init
gw.geoedge.be/api/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:e000:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 19:14:38 GMT
via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
dIMkz_WgQfGPxjOH908TpOv3FUlBg19gpvZnFehLFOuYfKbQSxAzJw==
x-cache
Miss from cloudfront
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame C6B8 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:20 GMT
age
9918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame C6B8 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:22 GMT
age
9916
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame C6B8 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:27 GMT
age
9911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame C6B8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:33 GMT
age
9905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame C6B8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:33 GMT
age
9905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:33 GMT
css
fonts.googleapis.com/ Frame C6B8 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 18:37:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 19:14:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C6B8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 20:29:48 GMT
x-content-type-options
nosniff
server
cafe
age
81890
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 15 May 2023 20:29:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C6B8 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 11:37:12 GMT
x-content-type-options
nosniff
server
cafe
age
27446
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 16 May 2023 11:37:12 GMT
l
www.google.com/ads/measurement/ Frame C6B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHtqRkUQSHg9cO3CgeEti6GZQiChclFX1lKl8QgvvH9zEp_FVJ480B7nA--UKIdTGWavvzXJJK_VOVJ11VHU9JyaICbw
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::93 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C6B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg2OjnYRiZOHPIIi5nwSbybmoCr-P3aZwzMrMg-gQ2Ky2lYsDEAEg0MujjwFgycapi8Ck2A-gAaO17vgoyAEJqQK4Sb-1M2eyPuACAKgDAcgDCqoE5wJP0FMo8jfcw9v4WJ_hGKnSYbgeZrt4Afp31-BKinucxiywBR36JRLq0PYOg_bhkYpT90RWmrMkxn3ffmF1nz9afBmrCdcNZiv-QBj-7loUAIJZg8pNYr6eXpA60rfy9jJj7ZIeC7BaPr1IBoP8hT_Oagy-brLiyi9o14Boz_RyFxvcMOBAr1vmsgUEPrOGxOnkNx5gj_6euzbixgkT250nyEIfGaM6CqpEsXrV97C48wp53X0xSAb62Kr3jU36nxmxA2q-awl2UOBxicacPGKaH_Pn0g6dgGHXHD6RV3Cs0yocxKJ5il5wGP_SOjXbydfTmacmf8K7s6atHfz25swBZMbIcxypQe5QIm4QH40PuuaHVJBjeu4nJwjxY9uySGz81qVtQ5r4DHr_nerICy48VD1k1WwQpF9U7Noj0yteDcUzLV8TUVVODo8VSvt31Ilitq1FqlsHDwzJGkXGl29xzak1lxfnWsAEtP3Y2LgE4AQBkgUECAQYAZIFBAgFGASgBi6AB6PtvtgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmKEG0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxArgT5APYEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItMjU1NTQzNzc0NDA4NDQyMBiL0IEB&sigh=Jy3AopsOIPQ&uach_m=[UACH]&cid=CAQSPABygQiDcGHWgHZjNc0eT__0XOoWNeZSRuTfFFmaNcMgLhet_hW9p45DpqHCPUJmuTCj_PhSafRWTNvughgB&template_id=484
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
init
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:e000:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 19:14:38 GMT
via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
vXCKOsjga0MgZcE3Hz1yzKK0NRwJ900spbg0k1UHJjNSpzv_JsiBJQ==
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame EB61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXg7ZG4Z2tUG77GfGqS_FdCRyWqwchRSeAuzOHjvXonWVYqlDGP7D9RSSC81JxyjgG1JxyCelz6xTn63p-Y6k1jyq9UC6RL-opQEEB_3Km1driWoVR9ihtZW4prwP6AlJxmHT5BKmVrLNsTZEqg6e06EhznStJNdzkqzdYcFhtVChFdmDwFhsICa3yIc9td0Lpmi4t-a-S2Zhw89Qg6PEexhu3VyK5T1uU1VNSMHR9okA81BgDqker6Wope7X0xOFOx1-oylMpexIqCsHdFv0QrmKrRjAprOLNOxht58JI9JCTJHY-YC8VNksoSnTG6i6WjRAYVFLb77iaoumcxrAc2iOlro8FH-1EMFc&sai=AMfl-YT4N8LxvQDjOgga5u9Q_iiCbBMM7qnV0E6SnDHWXLEJxjB0xLVyJ9TOM7rnFSoQI3U4yoEg6hlibBzCUkpsYdmePtSZgUMLX_YziXuWJ__zon1h76U9qje2apbusA&sig=Cg0ArKJSzCyxzueVjHAREAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame EB61 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 04:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54692
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 04:03:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EB61 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 04:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
51582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 04:54:56 GMT
l
www.google.com/ads/measurement/ Frame EB61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFWgzDLCarqE4RnfL_EdMvHBo0XiBAAusUso-8sAd5UEWlCvu3WSYwGfN0HaWufSqNG0Hv0vMVnBIoglVuma2BSvelqQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::93 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB61 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 19:14:38 GMT
15553136177080229858
tpc.googlesyndication.com/simgad/ Frame EB61 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15553136177080229858
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d3ed522826ea7593c553e235a86b94eb65703d5e7a53ce3b87fc9ae51b7975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:39:10 GMT
x-content-type-options
nosniff
age
45328
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110391
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 19:09:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 May 2024 06:39:10 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/1851009841850555316/ Frame C6B8 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1851009841850555316/2076313506083323656
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b55701c2d203968a39407f3ad5cee1130cda7ebb47c4100f24513e0add25c4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 08:05:13 GMT
x-content-type-options
nosniff
age
126565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33305
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:52:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 13 May 2024 08:05:13 GMT
8613947210465666894
tpc.googlesyndication.com/simgad/ Frame C6B8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8613947210465666894?w=100&h=100
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 11:19:39 GMT
x-content-type-options
nosniff
age
114899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1456
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 18:47:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 13 May 2024 11:19:39 GMT
truncated
/ Frame C6B8 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C6B8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444d29444b12bd41e1d0d28ab044606647c03c21a84fd42fd78b430d12023f8f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
embeds
syndication.twitter.com/i/jot/ Frame D47E 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684178078731%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221658097052083970050%22%5D%2C%22item_details%22%3A%7B%221658097052083970050%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1319.7999992370605%7D&dnt=1
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
7
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 19:14:38 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
46564a3dfa121fdc
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
f334bc0712286e3102da6fdc617d3c02d1a4cc876a89c5013a1677c699c5c03a
content-length
43
embeds
syndication.twitter.com/i/jot/ Frame 0FD4 		43 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684178078732%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fcelebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221657212176178855939%22%5D%2C%22item_details%22%3A%7B%221657212176178855939%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1319.2000007629395%7D&dnt=1
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
6
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 19:14:38 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
6b982bfab87f68cd
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
f334bc0712286e3102da6fdc617d3c02d1a4cc876a89c5013a1677c699c5c03a
content-length
43
sid
mug.criteo.com/ Frame 8113
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=visiontimes.com&sn=ChromeSyncframe&so=3&topUrl=www.visiontimes.com&bundle=V3mixV9Sa04wRE9RSzklMkZ0MlZnQkdDTlpOSEpJU1VSJTJGVU4zaHdwcXVWT...
  • https://mug.criteo.com/sid?cpp=tDc1Nnw3OEFpdTF0MS9HY2ZxSXJjSzJpekc3NGk0QnI3amRmem5MVmtVZDV3Z1JIKytZbnRGcFNVTHVLbUtNMDJ4WmN6TUFTd2owbUx4cnc4QkNRRzREaWpTVmQ1T000UTl0dXZObFkyVksrSGdncjgzRzBLWCtaMVRpVU...
433 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tDc1Nnw3OEFpdTF0MS9HY2ZxSXJjSzJpekc3NGk0QnI3amRmem5MVmtVZDV3Z1JIKytZbnRGcFNVTHVLbUtNMDJ4WmN6TUFTd2owbUx4cnc4QkNRRzREaWpTVmQ1T000UTl0dXZObFkyVksrSGdncjgzRzBLWCtaMVRpVUtiL2F4U3VmbVZwdlRjK3dkYU9SSmI0MHp6U0FnakUzWGZ2V21lZDZFQjVaaVcwMjJhU1MxK0MwU0srZTNmWmNIcENXb3V1bFRGdmRQM1BPNk1vejhvU2hiRS8rZ3drVFU3STZwdU01RlUvMm1sTWtHQytPOHNFUjlGOU91RU80aGxKNmNvWFhuOG56YnFLRWIrTUFpSnM1MUpaTU5TSXg2VDB3K0NIRVhZdVBLcVFQelpOdz18&cppv=2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3b1f2f24f9238e5c4e0664908eaa7a2b7c22df3dbb8e5c054cdbd17faee21a05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2557969
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tDc1Nnw3OEFpdTF0MS9HY2ZxSXJjSzJpekc3NGk0QnI3amRmem5MVmtVZDV3Z1JIKytZbnRGcFNVTHVLbUtNMDJ4WmN6TUFTd2owbUx4cnc4QkNRRzREaWpTVmQ1T000UTl0dXZObFkyVksrSGdncjgzRzBLWCtaMVRpVUtiL2F4U3VmbVZwdlRjK3dkYU9SSmI0MHp6U0FnakUzWGZ2V21lZDZFQjVaaVcwMjJhU1MxK0MwU0srZTNmWmNIcENXb3V1bFRGdmRQM1BPNk1vejhvU2hiRS8rZ3drVFU3STZwdU01RlUvMm1sTWtHQytPOHNFUjlGOU91RU80aGxKNmNvWFhuOG56YnFLRWIrTUFpSnM1MUpaTU5TSXg2VDB3K0NIRVhZdVBLcVFQelpOdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
431437
content-length
0
expires
0
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.379145967719091
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hbjxUpxNW0oP_v8XyYGwqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hbjxUpxNW0oP_v8XyYGwqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.1211466555986023
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5ZBT469LSYI4eBEcKaH9RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-5ZBT469LSYI4eBEcKaH9RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		6 KB
753 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 19:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 19:04:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 19:14:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6B8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 05:55:38 GMT
x-content-type-options
nosniff
age
220741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 05:55:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6B8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 21:41:17 GMT
x-content-type-options
nosniff
age
164002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 21:41:17 GMT
truncated
/ Frame CE94 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
312ec018c251b3b6a170685ba27664b9a2fcba4c72d6178734e51b9a89844ca7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EB61 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4bf69b34c6038e7fc2852ff4f609937290ecfe6de8db4eadda8b50250cd8c84

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
khaos.jpg
token.rubiconproject.com/ Frame 5015 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
init
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:e000:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 19:14:38 GMT
via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
5uGRZjIK_XQNFMR0ibKXfWnq-jrL8haYlmGBa_eDyWW9SofULwa2og==
x-cache
Miss from cloudfront
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame F728 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:20 GMT
age
9918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame F728 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:22 GMT
age
9917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame F728 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:27 GMT
age
9912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame F728 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:33 GMT
age
9906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame F728 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:33 GMT
age
9906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:33 GMT
css
fonts.googleapis.com/ Frame F728 		9 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 19:14:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 18:07:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 19:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F728 		295 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 11:37:12 GMT
x-content-type-options
nosniff
server
cafe
age
27447
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 16 May 2023 11:37:12 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F728 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:01:34 GMT
x-content-type-options
nosniff
server
cafe
age
4385
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Tue, 16 May 2023 18:01:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F728 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBJManYRiZJPVN46vnwSw2rfgCbm5gd9vh_qT-eoQwI23ARABINDLo48BYMnGqYvApNgPoAGjte74KMgBBqkCuEm_tTNnsj7gAgCoAwGqBOMCT9Cb0X17oa8i1buzBlFgPKfg2EGjRROKxndY3OsgflmHihNbf3DW5PPmMKBWtDoYbfBvoLD2YXY9sH0x1baSzp85moYvkSUkP1Wmiuu65-I_KgAtoi6tHezW0iPQ9IsBDJFfAMALTKrYB781c76LuywBXYPZTxBQ0v7QDtDvlPFjQJpj6l0npaaKDRbh2gMijowBOcMVODNeypEhiR7RYKpfhBF29YpywWiShLv7CT-7egfHgx0YJItuKF0SYRjAQW3TW9FJlLamamj791G3bLgQ98lNivaMX2L_1G4rPHQHsfZID9__AVFxoOsC2T7wjdsbNWjGxUXHtAOWo4TdpDiDlX8Yx0ibJD9BRFfOg-YD6oVJcIWxuk1Vr8bBZePVO8REBJzi5Pwa15CfCjC2Uqs1YW6yonMUIQ4Bg_VtJJvdLLVDIo9ob8rP74oF7eJchgnq72cWwuWrQ7kQNh_Gnyky9cAE9LP6r6wE4AQBkgUECAQYAZIFBAgFGASAB6PtvtgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2qsS0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEwzQFQGYFgGAFwGyFx8KHQgAEhRwdWItMjU1NTQzNzc0NDA4NDQyMBiL0IEB&sigh=gdZTDMvQS-U&uach_m=[UACH]&cid=CAQSPABygQiDe_ZovjxnVeVZS0cp3x58A2KNbn9MrNUmtw0QEFxBNW9L2d9bWst2nsKbNoObyZyAz_mNN1HJVRgB&template_id=492
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame EB61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaRpfMa7S4QzrpQCpGm0tFFBPqLoN2vFJ7687CdxO4-JOkaLENn-vxbC2jCENLRZ7r96pemEK9ct1OMvsPKAV3aXvAjJDw-ZRn6kJzAGjwspssJq2PdfcRDmAzsH93tSkGqEWWwpQUbU6vbCRxmjeJNIRR-DywHPOyCFn5cdeUJIUgzOsC00gXzPh3PnuZdw33zjXe7EfUI8l6k1sZWsQ4GgawkAtk8xTZmtk8b2gXEvPO9A-vPTgbfwaZVfevxDQiTEo-PSMd0WykJGZoZEvxLCIq-hNiaAQJkHCtU_0ZLLrQ_NbRWn2OcvFKF75mbbF1f87NqsLUWAL2VKmQpEwHg9heH--bxCIFVAOwsg&sai=AMfl-YR_zDhvIYUzNmsGzoYGoGjYh7Dv6nQcfLmP2S5KPREpGbMjMmfPf3pvjK84DjC4NUejV5wiKP650f0ZnYk0JzMRUcFQ8r_lMWUbGfjQpqN8Ua7n_HqgRQAb3nIMtA&sig=Cg0ArKJSzCN4PZ08NVyrEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 19:14:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CE94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzQbqLg14UJat77i-VQ_q1EXQ_2kSZB_gWMjjCy4U2Whbd3fbaC0x0TJbQlvpsSRBNdQv1vyT-d76OYflJiZQRQIQ1dKcN2R6f2KOEDMaBAtp6SWx_9U4mRBTeIjuryTwUhOOy6KFujOqL0pgXXpQNtMiV1WFPkPvdLoLGnLXc8ONiiLyXf8fgWInAqmWNjVZpIIbYepezItkrLPAZJh4JNtx-LWJtZYrl9FESzz6tkoVjuFxxVAsSyLYuxItNw0fQSAamn_eHBpvGGXp5bidGa01vKEbwqN02y9-PFZVuTVOWOSTrfNZ1MA23FOgi3N6jP_VAVL1mf0nkqMdr7q5tMcZKKf4o&sai=AMfl-YQ6t3s8G4GCK9LmX0cy2dlRrmKKcxF0VHrkIXwrRTquguoDs97bbDMsTas-boK4OERkc_ZsNChpdOyfc_0LZcBAuL2L7nrX9MOOxilkkRM5ldNn2y50yyFM1vr37A&sig=Cg0ArKJSzEepMQxzwyHEEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::9b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 19:14:39 GMT
truncated
/ Frame F728 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F728 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ef253d202cb1593cf874a852df034049e821c1d0c6365d63d22c52d34d7a457

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame F728 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 07:33:17 GMT
x-content-type-options
nosniff
age
214882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 07:33:17 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB
0
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKEnonZraFhHhu2nwTybAAADWUAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r_xvBzSXYOyXwJF7eaSYsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-r_xvBzSXYOyXwJF7eaSYsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F728
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 May 2023 19:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F728 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:01:34 GMT
x-content-type-options
nosniff
server
cafe
age
4385
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Tue, 16 May 2023 18:01:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F728 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c11::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 11:37:12 GMT
x-content-type-options
nosniff
server
cafe
age
27447
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 16 May 2023 11:37:12 GMT
setuid
u.4dex.io/ Frame 39BB
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LHP856MI-1I-KK08
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LHP856MI-1I-KK08
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LHP856MI-1I-KK08
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LHP856MI-1I-KK08
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8879d63542e1f07dd8e6d691f6d521da
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame BAD9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 5015
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LHP8572C-19-6ATV
  • https://s.amazon-adsystem.com/ecm3?id=LHP8572C-19-6ATV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LHP8572C-19-6ATV&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3DTEJ5KQGJ51F7TEJF2F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LHP8572C-19-6ATV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 5015
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uAXLRQCDSe-gwFk0YmK7mQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uAXLRQCDSe-gwFk0YmK7mQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uAXLRQCDSe-gwFk0YmK7mQ
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z31C82WK5P9R07TD17JW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uAXLRQCDSe-gwFk0YmK7mQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5015
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9ded1e15-51d8-4d7d-a753-c83028365f39&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 5015
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhQODU3MkMtMTktNkFUVg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG5p-UXf-an2jeVKpz8rJ4w&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQODU2TUktMUktS0swOA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQODU2TUktMUktS0swOA==&google_push=
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Server
173.194.210.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vn-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQODU2TUktMUktS0swOA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5015 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 19:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1T3S2CYH8QZYB2XE9GFR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5015
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiZTBjNDQ2ZDEyOWVhYmZiNzc4ZDc3MjI0ZGQ2ZDNlNjc1NmM5Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiZTBjNDQ2ZDEyOWVhYmZiNzc4ZDc3MjI0ZGQ2ZDNlNjc1NmM5Zg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Server
173.194.210.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vn-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWJiZTBjNDQ2ZDEyOWVhYmZiNzc4ZDc3MjI0ZGQ2ZDNlNjc1NmM5Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5015
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECB2RH0FmqnBDBkNK6Oi16c&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECB2RH0FmqnBDBkNK6Oi16c&google_cver=1
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECB2RH0FmqnBDBkNK6Oi16c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5015
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UGoAuA3iUvwzSqVME-fMOMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4kLU731E2oK5rZmAvTutI2v5T9bgVOrtwgaeyA--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4kLU731E2oK5rZmAvTutI2v5T9bgVOrtwgaeyA--~A
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 15 May 2023 19:14:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4kLU731E2oK5rZmAvTutI2v5T9bgVOrtwgaeyA--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 5015
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHP8572C-19-6ATV
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHP8572C-19-6ATV
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 70BE2F8BB751487DA40CBA37E40ADB47 Ref B: EWR30EDGE1622 Ref C: 2023-05-15T19:14:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7wEQ4CNwQBpeTNfJEQA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHP8572C-19-6ATV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adsec.
fundingchoicesmessages.google.com/f/AGSKWxVRNJjhOOfFblij572xCGR_duZyoSPEs-jbsCbBPQBHs_cJi67eudIIufnmiTLLKB7SFIhEuXAbtj8Ma19NGtqPw3Z4Niio4qyuzW3gJ5WcgEyohBP04gHdP4xl7fmIdA6-XXe9hMwBFyTsq1nEar-2aWqhU... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVRNJjhOOfFblij572xCGR_duZyoSPEs-jbsCbBPQBHs_cJi67eudIIufnmiTLLKB7SFIhEuXAbtj8Ma19NGtqPw3Z4Niio4qyuzW3gJ5WcgEyohBP04gHdP4xl7fmIdA6-XXe9hMwBFyTsq1nEar-2aWqhUFkyk3yamxlbiWb7VpG_F2qpvmYDeQg=/__adspace-/ad8./ads-01./adsico2./adsec.
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97eed46fbdba21a0f9d7bae678429a048fe9f4112f890dc9d3486cbb7c87c20e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9vy2X7XbjJ8CWFQeNibvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9vy2X7XbjJ8CWFQeNibvcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.210.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vn-in-f157.1e100.net
Software
cafe /
Resource Hash
34787464e140d5204aaa1d5582db39538f3cdb2ff72e17daa2b88bdc739b0d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 18:57:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
1009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23385
x-xss-protection
0
server
cafe
etag
3962869941991229512
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 19:57:50 GMT
AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-41F7iBgrXOEd0sqKhyZ6kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-41F7iBgrXOEd0sqKhyZ6kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ceI-9gmmFbMX-QCRwY3-2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-ceI-9gmmFbMX-QCRwY3-2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zlQsf_zAInBCaIRafLK11Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zlQsf_zAInBCaIRafLK11Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXUpkzUkM-hKcVNtoj8mmWJ2l1MOPKT-fZDmad-zpfb8itOEQOOeafyj1n48Lwf6gHj0fVnj7zIt7ga6WVIy2SkHO8vGbWsUVDdJG-Q0BX_7xhQ88qcLyaJroVKBhFqMINgjZDR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Pj6T9EFYDTN6_uMaU9OOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Pj6T9EFYDTN6_uMaU9OOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.visiontimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXR6hrXZT0Wh-986EbI55K10sPwFhZFmCCeRej6FrRrr3exZ09CvwurURHrEIFspamqM0V5rMrt4s5XM9t0P1x-r0Rkw5eW2bg0X4GmOiOe9VLvIpTKixvBGB0kqUsGXjUZLoXH
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXR6hrXZT0Wh-986EbI55K10sPwFhZFmCCeRej6FrRrr3exZ09CvwurURHrEIFspamqM0V5rMrt4s5XM9t0P1x-r0Rkw5eW2bg0X4GmOiOe9VLvIpTKixvBGB0kqUsGXjUZLoXH?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTc4MDc5LDk2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudmlzaW9udGltZXMuY29tLzIwMjMvMDUvMTUvY2VsZWJyaXRpZXMtaW50ZXJuZXQtcGVyc29uYWxpdGllcy1vcGVuLXRoZWlyLXdhbGxldHMtdG8tZnVuZC1kYW5pZWwtcGVubnlzLWRlZmVuc2UuaHRtbCIsbnVsbCxbWzgsIk9GWkVHcjhpV0swIl0sWzksImVuLVVTIl0sWzE3LCJbMF0iXV1d
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee98ded0bc48e44e38a199fdfed06c41020b513bb16d14e877a5d4fd81096e0f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1ozkiU4SsF7iO-TVYE57Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 19:14:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1ozkiU4SsF7iO-TVYE57Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXRLN6hYSJic9pMS9Qlt8vmDcEtljGKBQqZ2bfbdb3sWRKiIfzZA4t6wF2_0fBKme1OQdVyu9yT4paLLrbfOkEJjlMJh4sFtYsQn33BevA5tibg0VU0m24QhYw23xVwlTFIkIZe
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXRLN6hYSJic9pMS9Qlt8vmDcEtljGKBQqZ2bfbdb3sWRKiIfzZA4t6wF2_0fBKme1OQdVyu9yT4paLLrbfOkEJjlMJh4sFtYsQn33BevA5tibg0VU0m24QhYw23xVwlTFIkIZe
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c13::64 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9hQTV6Y8C_iosstfrKyTuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 19:14:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-9hQTV6Y8C_iosstfrKyTuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EB61 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxTdkOBb4THm6-OzSYo0kXscYH5MjLqXYZuKRgm-rlBUU1eOxCF4fY0pnbtTB_RTEvAjUv0fQQ0RxUhhVBHj6F4s2E-vvDmDBRh6Ot1fUh22LL3QdO&sig=Cg0ArKJSzFCMJXTLi4TkEAE&id=lidar2&mcvt=1021&p=728,1069,978,1369&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3438327699&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684178078165&rpt=874&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c01::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CE94 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEDMUZGPT6N47XaCzo7mtz2uuJ1xgDIXefvlPDa_oid7QwmVqhd94Yy1q1bd3_MyWBM9yS8FIBuj0y7-U1niOuRYrQh9ieUzjHrf2V9Hqd8BOzSWlQ&sig=Cg0ArKJSzIHg5O__MJnMEAE&id=lidar2&mcvt=1046&p=30,436,120,1164&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2296131749&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684178078147&rpt=924&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c01::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F728 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst-oxoGe9J193LAYr8ttHP_EcEMk9AKn8WwACy_To2FKhYTfwA1_2sRmFr3AR4qgiGPd70quHvaN0CWuOjHui7nyClYNkjob-zsm-_0DjDTEfrZANudRJc0PeF_gGAGQEkgOQ&sai=AMfl-YRvcUwRGPKygm3q90EwQ0j5MVX2ugjbRCad6zhY-rthg5EFchP4M8SrT6RMPUp_gDL88GQnDBdUscmil1Pq5DlZALVcOJ1SD4-1YsSnF0yXO5LqeHflHX_NVJEL&sig=Cg0ArKJSzFTbJiQ7SduKEAE&cid=CAQSPABygQiDe_ZovjxnVeVZS0cp3x58A2KNbn9MrNUmtw0QEFxBNW9L2d9bWst2nsKbNoObyZyAz_mNN1HJVRgB&id=ampim&o=436,1109&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=975&tls=1975&g=100&h=100&tt=1975&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/celebrities-internet-personalities-open-their-wallets-to-fund-daniel-pennys-defense.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.210.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
vn-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lhp857f3&ctx=0&met.9=1.i2~13.mn~2.mu&met.3=112.2wr_2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 19:14:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 boolean| credentialless string| gtm4wp_datalayer_name object| dataLayer object| VisionData object| VisionDataComment object| truepush object| _paq object| dataLayer_content object| __twttrll object| twttr object| __twttr function| jQuery object| lazySizesConfig object| lazySizes string| _itbcss_1 string| _itbccs_2 number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| requestManager object| pbjs object| adUnits function| prebidBidsBack function| sendBidsToAdServer object| grumi object| apstag undefined| $ object| googletag object| truepushVersionInfo string| r object| HTTP function| pbjsChunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| GooglebQhCsO object| _atrk_opts function| fbq function| _fbq boolean| apstagLOADED object| apscustom object| _aps undefined| google_measure_js_timing undefined| key object| browserData undefined| subscription undefined| permissionAllowed undefined| iFrameReference undefined| skipSubscriberReport undefined| subscriberIdCallback boolean| isSubscribed string| optinStatus string| host string| cdnUrl string| imgUrl string| subDomainsHost boolean| fromSubDomain string| EnableHTTPLocalTest string| version string| defaultKey boolean| fromIframe boolean| fromWordpress boolean| fromshopifyDomain boolean| forShopifyCall object| xhttp object| desktopAllowedVersions object| mobileAllowedVersions function| isNotifAllowed function| CheckBrowserCampatability function| isPrivateMode function| truepushSDK function| loadAppJs object| sas object| apntag object| _ADAGIO function| onYouTubeIframeAPIReady object| gaGlobal function| setImmediate function| clearImmediate object| ID5 object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ODFiNDc3NjI2ZDJmZjFlbG9hZGVyX2pz string| ODFiNDc3NjI2ZDJmZjFlY2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_136 object| Criteo object| Criteo_identitytag_136 object| promise object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| 2e9bddb7-1598-44aa-a392-33f765e025b3 number| google_srt object| _google_rum_ns_

168 Cookies

Domain/Path Name / Value
www.visiontimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.visiontimes.com/ Name: _pubcid
Value: ff8b606a-4771-4abd-b632-43ff030a610a
.visiontimes.com/ Name: _gcl_au
Value: 1.1.2073693243.1684178077
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e392dc37c975656d95dd603f31367e61
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDW2NEpJNjZPtjQ3NTM1S7E0TUkxMzBOMzY0NjNPNTNkAIKUpJY5IBoKAEmQCk0%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBISWqZA6SgAAAXaAHn"
.visiontimes.com/ Name: panoramaId_expiry
Value: 1684264476912
.visiontimes.com/ Name: _cc_id
Value: e392dc37c975656d95dd603f31367e61
.adnxs.com/ Name: icu
Value: ChgIgKZ7EAoYASABKAEwnYmKowY4AUABSAEQnYmKowYYAA..
.adnxs.com/ Name: uuid2
Value: 5238790058226081324
.visiontimes.com/ Name: _ga_7LEG9MJJ0Q
Value: GS1.1.1684178077.1.0.1684178077.60.0.0
.visiontimes.com/ Name: _ga
Value: GA1.1.581514505.1684178077
.visiontimes.com/ Name: _fbp
Value: fb.1.1684178077237.1974872171
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159110:2
.pubmatic.com/ Name: DPSync3
Value: 1684713600%3A248%7C1685318400%3A201_263_262
.pubmatic.com/ Name: SyncRTB3
Value: 1685318400%3A54_249_55_5_240_48_233_220_22_46_166_8_21_250_7_104_3_71_231_178_165_13_56_234%7C1685404800%3A35%7C1684713600%3A223_15_2%7C1686700800%3A224%7C1684972800%3A63
www.visiontimes.com/ Name: cto_bundle
Value: V3mixV9Sa04wRE9RSzklMkZ0MlZnQkdDTlpOSEpJU1VSJTJGVU4zaHdwcXVWT011Y1VidUNJRDhFcWtkWHgxYjdtejJ3MEhNZHdPeXVXeUdEWU92U3FHMkxidTc2ODVyVVRjdUdwMWk1QSUyRmV1M3E0TE9wbUFydXYzc0VjcVMlMkY3SVMlMkJpJTJCODF2WQ
www.visiontimes.com/ Name: cto_bidid
Value: wgbaeV84aXpaS04yelNhTWMlMkIxMTBmTmo2UWlTYXFoZ3QlMkZuMnFnRU1FakslMkZyOVp3a2tJbmtyZjZJQnRBYlBkNG9za000ZjlxNGJIRGIlMkZRR216OTFmSzh2R0RBJTNEJTNE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tapad.com/ Name: TapAd_TS
Value: 1684178077631
.tapad.com/ Name: TapAd_DID
Value: 5ac6cc27-752c-4ae5-bd1d-7bf801d1eb3d
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5238790058226081324&KRTB&23339-5238790058226081324
.adsrvr.org/ Name: TDID
Value: 9ded1e15-51d8-4d7d-a753-c83028365f39
.3lift.com/ Name: tluid
Value: 2219360552203096644640
.deepintent.com/ Name: CDIUSER
Value: di_b1aa459a8e104795a5580
.quantserve.com/ Name: mc
Value: 6462849d-9d39e-39449-81020
.acuityplatform.com/ Name: auid
Value: 780031241462
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRAgaYD6WmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUQIGmA+lo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.yahoo.com/ Name: A3
Value: d=AQABBJ2EYmQCEFtuKiXb9WIpGIEreJzTqwYFEgEBAQHWY2RsZNxH0iMA_eMAAA&S=AQAAAv0ccVrRxArmleVjqIJgah0
.w55c.net/ Name: wfivefivec
Value: 6dGh8dJn1PYDEx5
.turn.com/ Name: uid
Value: 3600827481373604381
.amazon-adsystem.com/ Name: ad-id
Value: A1prbrSkO0fyrwX3rFlGldI
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-0a68a137-55bc-4e9c-8e35-27f2fe51e345&KRTB&23340-0a68a137-55bc-4e9c-8e35-27f2fe51e345
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&KRTB&23413-AFC8F860-34E7-4351-BE58-9A1E0F80EA0C&KRTB&23479-AFC8F860-34E7-4351-BE58-9A1E0F80EA0C
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-780031241462&KRTB&23428-780031241462
.bidr.io/ Name: bito
Value: AAB-TE7IxQkAAB_zVrTf7g
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchpubmatic
Value: 5
.mathtag.com/ Name: uuid
Value: 84f96462-849e-4a00-948a-e81395bd6a4e
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 2a2a261c-47e8-4cc8-9a40-d05de04627b1
beacon.lynx.cognitivlabs.com/ Name: ss
Value: gbBKfd%2FGmRNywnQuOPptQFq6qdCrXC9m4WhQFG9cDDx%2FBTZNT%2FaYeRoUH%2FMl6ttDhlqeau1vtsUKlfiGaiQj9A%3D%3D
.simpli.fi/ Name: suid
Value: 8B186010B4F24A0C8B19B031EF91F199
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:6dGh8dJn1PYDEx5&KRTB&23421-uid:6dGh8dJn1PYDEx5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:84f96462-849e-4a00-948a-e81395bd6a4e&KRTB&16736-uid:84f96462-849e-4a00-948a-e81395bd6a4e&KRTB&23019-uid:84f96462-849e-4a00-948a-e81395bd6a4e&KRTB&23114-uid:84f96462-849e-4a00-948a-e81395bd6a4e
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n&KRTB&19420-7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n&KRTB&22979-7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n&KRTB&23462-7CzOz-IswZn3IZzO433VzuMszMT3IMnN6CgTib9n
.adgrx.com/ Name: ADGRX_UID
Value: bc1e3022-f354-11ed-911c-92a7124e64ef
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3600827481373604381&KRTB&23150-3600827481373604381
.thrtle.com/ Name: mc
Value: eyJpZCI6ImZkNDRkNTg5LThjMzEtNGE1Yi1iMGU4LWE2MGEwOTAyNjg1MyIsImwiOjE2ODQxNzgwNzc3MjIsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEKNrZV5j0mC7AbkWMP-ETck&KRTB&22987-CAESEKNrZV5j0mC7AbkWMP-ETck&KRTB&23025-CAESEKNrZV5j0mC7AbkWMP-ETck&KRTB&23386-CAESEKNrZV5j0mC7AbkWMP-ETck
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ec415cb-95e1-538d-6230-0ad19cdf4f4a.ThMKHCuF%2FJiNjxJhTPfbakT3gEbx7tQi6GLJSli%2BVUs
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ATsQVy5XhU41iMArRnN9PSgW16oY.i5mo9QoecSwoP0wOW%2BfnxOCMamrAGqlyxwUBXZLx5g4
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-bc1e3022-f354-11ed-911c-92a7124e64ef&KRTB&23275-bc1e3022-f354-11ed-911c-92a7124e64ef
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:8B186010B4F24A0C8B19B031EF91F199&KRTB&23486-uid:8B186010B4F24A0C8B19B031EF91F199&KRTB&23489-uid:8B186010B4F24A0C8B19B031EF91F199
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-9ded1e15-51d8-4d7d-a753-c83028365f39&KRTB&22918-9ded1e15-51d8-4d7d-a753-c83028365f39&KRTB&23031-9ded1e15-51d8-4d7d-a753-c83028365f39
.sitescout.com/ Name: ssi
Value: 3cc06ae1-cf32-4e40-97b4-ec21c2a82371#1684178077784
.ipredictive.com/ Name: cu
Value: b979531c-bbbd-42e7-bb34-08db7f10ced8|1684178077792
.mxptint.net/ Name: mxpim
Value: R35CA9_102B97382_68C2E078.1.00000000000000006462849D
.technoratimedia.com/ Name: tads_uidp_44
Value: LHP6SL9D-1I-EREP
.technoratimedia.com/ Name: tads_uidp_88
Value: 1018520182429802298707
.technoratimedia.com/ Name: tads_uidp_77
Value: j91B-Z2XW8MLEl-ZTUYGw_OsbnVcJWCr7m6K9-2qpn0
.technoratimedia.com/ Name: tads_uidp_45
Value: 49562057-E92D-4D3A-A1BB-8F03FB740315
.technoratimedia.com/ Name: tads_uidp_46
Value: 3752900315434054020
.technoratimedia.com/ Name: tads_uidp_79
Value: 6686966f-ede3-429a-aa4e-9c202438584b
.technoratimedia.com/ Name: tads_uidp_37
Value: 5998daad-bddb-3043-a561-aafb62465b85
.technoratimedia.com/ Name: tads_uidp_48
Value: 8cd1fa26-fd08-41b4-a182-562a21870c0f
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAHTMCe9GtnTwMVs0QqAAAAAAA
.technoratimedia.com/ Name: tads_uidp_90
Value: 8fdbc304-6b1b-4375-ac1f-60f3edbe1943
.technoratimedia.com/ Name: tads_uidp_7
Value: 2bd1bf41-9857-4683-a777-83431422f0e4
.technoratimedia.com/ Name: tads_uidp_80
Value: y-Qm21Bm5E2uFHi0skI4v.GCy99Dg3fbS4~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1664836083826-933092590846-007289-008-005688
.technoratimedia.com/ Name: tads_uidp_82
Value: ZGJwhh4YWMj5ZITqytaaGQAA&3566
.technoratimedia.com/ Name: tads_uidp_50
Value: bab7a57a-407f-4c57-8e71-8b9e791fb09b
.technoratimedia.com/ Name: tads_uidp_61
Value: 212163166839014
.technoratimedia.com/ Name: tads_uidp_62
Value: 3271774100813453000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: i5wHsJjavqopMqj1tSUdXgebCRqyuDwK
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-66cdac91-4dcd-4f75-bfd3-6fc2e785cd8d-005
.technoratimedia.com/ Name: tads_uid
Value: 6C9509C18A274A72AA6720B9342CCB7A
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220529214707+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1681186223197
.bidswitch.net/ Name: tuuid
Value: a1c7c0cc-1b29-4d10-8861-b07931a64433
.bidswitch.net/ Name: c
Value: 1684178077
.csync.loopme.me/ Name: viewer_token
Value: 91b1ed31-9c46-41eb-9e80-6fdae7081f43
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_bc30f182-f354-11ed-8ccf-12fa6b58ae11
.smaato.net/ Name: SCM
Value: ac5f9951
.smaato.net/ Name: SCMaps
Value: ac5f9951
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIzMzIzNTC0NLI0FOIz1M0p8s_K9EgscHFKyQQAEpI3KSQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIzMzIzNTC0NLI0FOIz1M0p8s_K9EgscHFKyQQAEpI3KSQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFiaG5hYG5uaWgIALNdxfEQAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAB-TE7IxQkAAB_zVrTf7g
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA9_102B97382_68C2E078&KRTB&23092-R35CA9_102B97382_68C2E078
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b979531c-bbbd-42e7-bb34-08db7f10ced8&KRTB&23011-b979531c-bbbd-42e7-bb34-08db7f10ced8&KRTB&23355-b979531c-bbbd-42e7-bb34-08db7f10ced8
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968907266265019291
.bidswitch.net/ Name: tuuid_lu
Value: 1684178078
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2bnv:18y3~2bnv"
.casalemedia.com/ Name: CMID
Value: ZGKEnonZraFhHhu2nwTybAAA
.casalemedia.com/ Name: CMPS
Value: 3429
.casalemedia.com/ Name: CMPRO
Value: 3429
.yieldmo.com/ Name: yieldmo_id
Value: g2c1af3b0a649612876b%7C1684178078049%7C0%7C
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1170408%7Cc%3D1170408%7Ctapad%3D1170408%7Cdv360%3D1170408%7Can%3D1170408
.sharethrough.com/ Name: stx_user_id
Value: 078b28bf-8d47-4199-bdcb-b33b17d36d52
.contextweb.com/ Name: V
Value: XrlS4uYF1R4c
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1klq|7dN.0.AAB-TE7IxQkAAB_zVrTf7g
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9401b6f8de880cb9
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIn65qZSU8UQNkWOUvAAAAAAA&KRTB&22713-AAAIn65qZSU8UQNkWOUvAAAAAAA&KRTB&22715-AAAIn65qZSU8UQNkWOUvAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553&KRTB&23418-3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAB-TE7IxQkAAB_zVrTf7g
.lijit.com/ Name: ljt_reader
Value: GprCiPZHxyTrprMOQMCZ6PcE
.id5-sync.com/ Name: id5
Value: e3bcd382-396d-7eca-95a5-0eb290feecdc#1684178077058#3
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNLMwNbYwNzO30FGyMEHlmxij8g2NUPmWKOprAabgELA%3D
.creative-serving.com/ Name: tuuid
Value: 4ced5336-0ea6-4dee-82f9-4ae81116ed89
.creative-serving.com/ Name: c
Value: 1684178078
.creative-serving.com/ Name: tuuid_lu
Value: 1684178078
.doubleclick.net/ Name: IDE
Value: AHWqTUkHJ0AyxYygDSi9jGn6NUImYzE4ZYd1IAFIHfKriFMBfcf16s2PUA23wQuOsD0
.adform.net/ Name: C
Value: 1
.visiontimes.com/ Name: __gads
Value: ID=940dcae8ccdf974e:T=1684178077:S=ALNI_MbiUU5i5ra9rkef7z3MhlAAI_vO8w
.visiontimes.com/ Name: __gpi
Value: UID=000009f30d301367:T=1684178077:RT=1684178077:S=ALNI_MasSrWOWZHRoQ3xMYqRtBOef1PZ_Q
.w55c.net/ Name: matchcasale
Value: 5
.dotomi.com/ Name: DotomiTest
Value: 2bf042e10f981846
.taboola.com/ Name: t_gid
Value: c561c36a-05cd-4440-b6f6-efee0edf1a72-tuctb5c0a1e
.ads.yieldmo.com/ Name: ptran
Value: 5238790058226081324
.ads.yieldmo.com/ Name: ptrc
Value: CAESEDd0rKJ4zEEBCvGCNdMQ_ig
.clickagy.com/ Name: cb
Value: ZGKEnocZEk8VGWQqRSr7mnCi
aorta.clickagy.com/ Name: chs
Value: [{"ch":"185","t":"2023-05-15 19:14:38"}]
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NDE3ODA3ODAwMiwiNDgiOjE2ODQxNzgwNzgzNzQsIjM5IjoxNjg0MTc4MDc4Mzc0LCI3IjoxNjg0MTc4MDc4Mzc0fQ
.quantserve.com/ Name: d
Value: EKABEgH_KPijDejbEA
.criteo.com/ Name: uid
Value: 32cb696e-54f6-4fee-889a-aaea1d0dc73c
.zemanta.com/ Name: zuid
Value: cwEnbd6q8UIf6KZcn_UQ
.adform.net/ Name: uid
Value: 5433832718340559967
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3259-2!3259
.lijit.com/ Name: _ljtrtb_84
Value: ZGKEnocZEk8VGWQqRSr7mnCi
.lijit.com/ Name: _ljtrtb_43
Value: bM0hJWLNLnN3wHMkY5w6JGPNIy53wSYnaMk-dIJU
.blismedia.com/ Name: b
Value: 6462849E8B4173F6408C1DCEBLIS
.lijit.com/ Name: _ljtrtb_12
Value: 5238790058226081324
.smartadserver.com/ Name: pid
Value: 3377001389364036220
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5433832718340559967&KRTB&23263-5433832718340559967&KRTB&23481-5433832718340559967
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-a1c7c0cc-1b29-4d10-8861-b07931a64433
.pubmatic.com/ Name: PugT
Value: 1684178078
.lijit.com/ Name: ljtrtb
Value: eJyrVjI0UrJSMjUytjC3NDAwtTAyMjOwMDQ2MlHSUbIwAUpFuXu75uUnR7lmW4S5hwcWBgUXmefmOWcC5U2MgfJJvgYZXuE%2Bfj55fsblHr7ZkablZl7uAX6elabG5cGReYm%2B2bopnl6hSrUAzIEd0Q%3D%3D
.lijit.com/ Name: _ljtrtb_16
Value: 3cc06ae1-cf32-4e40-97b4-ec21c2a82371-6462849d-5553
.bluekai.com/ Name: bku
Value: ikG99JbWRZHcCnTQ
.bluekai.com/ Name: bkpa
Value: KJhD02Nr3M9z9wY7yDL2+GeKZOBnSS7kxtiOXgX8TK+LHsDm1/+fIZUJqFR9FX6Xnw6sTKNrdl4GertcwpS5IffwhU2UxMFI02wPNc4e5cC5kF+LTSmaZ/PRL8t4RfFIfsdNrBEg2rNZ/4SRItkIM3taVcB22J5bLOOgbIrN35Fn+XmLLpYBYx3WEUDQMcJhuJ/Lv2Bxb8iAhGzyMykyNyZeIsQThpCZeCiaBVDmo+TjLpwJ0gxvAXCHs+kRH90T5vC/ELj/y1/cUx3q3iYFF1Ms8bx9pAcrR3RG3ATZXWcnYavKt2unvx2/oiVzPmueaoDZwWKdUaJ9vVlNTfWHCKWIAenhqujP0eZy/32yWM30XaRFlU6bdwAS9OcWSWR=
.ads.yieldmo.com/ Name: ptrrc
Value: LHP856MI-1I-KK08
.visiontimes.com/ Name: cto_bundle
Value: k3699V9Sa04wRE9RSzklMkZ0MlZnQkdDTlpOSElsWm5lRWxUb0JmMFUwZ1NoOEE1SU1oMnpYV0olMkYyZ2w2Y2ZUYkpsZ2RuN0dtZk9xNGdiSXRLb2lzeWY2cE1DSDlRJTJGMk5DaFM5ZVE0VlFiUiUyQm92cUNFUjZBMGZucGloJTJCTEZmblBZNU1hVlMlMkZ2WU56U095UnoycmdadEJBSUNMTHclM0QlM0Q
.www.visiontimes.com/ Name: cto_bundle
Value: k3699V9Sa04wRE9RSzklMkZ0MlZnQkdDTlpOSElsWm5lRWxUb0JmMFUwZ1NoOEE1SU1oMnpYV0olMkYyZ2w2Y2ZUYkpsZ2RuN0dtZk9xNGdiSXRLb2lzeWY2cE1DSDlRJTJGMk5DaFM5ZVE0VlFiUiUyQm92cUNFUjZBMGZucGloJTJCTEZmblBZNU1hVlMlMkZ2WU56U095UnoycmdadEJBSUNMTHclM0QlM0Q
match.sharethrough.com/ Name: AWSALBCORS
Value: CCo5Yk3i/ahy0XjmQSKBoaRQ6eh8E6I+e0hiYzWe62LnNpmCiULLDUZiIA9gl+s7r+TyXwQkiZfJJpnvTACdBeyWt+GDPclnrqvsPdNZEJZSIaFezvWmYoxR3Y+F
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: SPugT
Value: 1684178080
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjenuOJ1eDqOxAFEhQKBXRhcGFkEgsIiJrFitXg6jsQBRIVCgZjYXNhbGUSCwiU9KyO1eDqOxAFEhsKDHNoYXJldGhyb3VnaBILCLjG85DV4Oo7EAUSFgoHcnViaWNvbhILCKqDtpzV4Oo7EAUYASACKAIyCwi4vva96-DqOxAFOAFaDHNoYXJldGhyb3VnaGAC
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNS0xNVQxOToxNDozNy4wNDQ2NTkyM1oiLCJwdWJtYXRpYyI6IjIwMjMtMDUtMTVUMTk6MTQ6MzcuMDQ0NjUyNDI3WiIsInJ1Ymljb24iOiIyMDIzLTA1LTE1VDE5OjE0OjM3LjA0NDY1ODE3N1oifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiY2IyMTg5NjctNDNkZC00NWE0LTljZWMtZjFiOGIzNDk2YjBmIiwiZXhwaXJlcyI6IjIwMjMtMDctMTRUMTk6MTQ6MzcuMDQzNjMxMTIzWiJ9LCJpbmRleGV4Y2hhbmdlIjp7InVpZCI6IlpHS0Vub25acmFGaEhodTJud1R5YkFBQURXVUFBQUlCIiwiZXhwaXJlcyI6IjIwMjMtMDctMTRUMTk6MTQ6MzkuMzExNDM3MloifSwicHVibWF0aWMiOnsidWlkIjoiQUZDOEY4NjAtMzRFNy00MzUxLUJFNTgtOUExRTBGODBFQTBDIiwiZXhwaXJlcyI6IjIwMjMtMDctMTRUMTk6MTQ6MzcuNjY3MTk4MTU2WiJ9LCJydWJpY29uIjp7InVpZCI6IkxIUDg1Nk1JLTFJLUtLMDgiLCJleHBpcmVzIjoiMjAyMy0wNy0xNFQxOToxNDozOS45MTMwMjAwMTFaIn19LCJiZGF5IjoiMjAyMy0wNS0xNVQxOToxNDozNy4wNDM0MDczMDRaIn0=
.visiontimes.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8mIyXW8Kb3D66HwLWH1u0Bom556qikYnYoUxgHpxkGD57ei22fa1SVyTAWtDhDW1W-8YKTQ2B-XlApHaHTIDujz5L4Bw1Dbb2UkMU226nTOiOfAu2V6tQAXfufSskjypxvoiVSAheJr294yj04JNEfID4jYg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.rubiconproject.com/ Name: khaos
Value: LHP856MI-1I-KK08
.rubiconproject.com/ Name: audit
Value: 1|QF4bHd2yDIak77EXTTNWnDKDhGxPGYfrF31dV1GcWlfFwpmMCvAS5nia04shgWzZTpoDu1IlcXHqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.linkedin.com/ Name: bcookie
Value: "v=2&852dbc5b-e83e-47e9-8ba0-9deef411a142"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2935:u=1:x=1:i=1684178080:t=1684264480:v=2:sig=AQEGjkNnrDsGa7yn7gWBwepvfLAjNUSe"

3 Console Messages

Source Level URL
Text
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TsQVy5XhU41iMArRnN9PSgW16oY&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
amazon-tam-match.dotomi.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.matomo.cloud
cdn.syndication.twimg.com
ce.lijit.com
certify-js.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
csync.loopme.me
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e76b1da0232d3c8c593de06fd01d61f1.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.visiontimes.com
intothebid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
sdk.truepush.com
sdki.truepush.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
syndication.twitter.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.4dex.io
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.visiontimes.com
x.bidswitch.net
certify-js.alexametrics.com
sync-tm.everesttech.net
103.231.212.226
104.127.172.242
104.244.42.200
104.76.100.229
108.156.164.236
108.156.180.227
141.226.224.48
142.251.40.98
146.75.36.157
162.19.138.116
162.248.18.37
169.197.150.8
173.194.210.157
173.231.178.115
18.233.122.89
185.167.164.37
192.40.39.223
198.148.27.140
199.187.193.179
199.187.193.181
199.38.167.131
20.127.253.7
2001:4860:4802:34::181
207.198.113.89
209.54.182.161
216.22.16.1
23.54.68.197
2404:6800:4008:c07::5e
2600:1f18:4e9:5a02:c104:fcd:17de:de96
2600:9000:210b:e000:10:43f:4352:ad61
2600:9000:24f7:7400:c:7d55:b3c0:93a1
2600:9000:24f7:c200:7:6b7b:1000:93a1
2600:9000:24fd:ea00:1b:5138:8a40:93a1
2600:9000:2511:b000:4:b37b:9440:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:2800:220:13d:2176:94a:948:148e
2606:4700:10::6816:3456
2606:4700:20::681a:2e4
2606:4700:20::681a:9a9
2606:4700:20::ac43:48db
2606:4700::6812:272
2606:ae80:1451:17::1400
2607:f8b0:4006:80e::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81f::200a
2607:f8b0:400c:c01::9d
2607:f8b0:400c:c0a::93
2607:f8b0:400c:c0c::9a
2607:f8b0:400c:c11::84
2607:f8b0:400c:c11::9b
2607:f8b0:400c:c12::84
2607:f8b0:400c:c13::64
2607:f8b0:400c:c13::9b
2607:f8b0:400c:c14::9a
2607:f8b0:400c:c18::61
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:46::159
2a04:4e42::485
2a04:fa87:fffe::c000:4902
3.212.38.37
3.214.100.121
3.215.81.226
3.225.4.30
34.102.163.6
34.111.113.62
34.149.40.38
34.171.234.26
34.193.215.195
34.200.65.202
34.224.47.217
34.96.105.8
35.211.178.172
35.214.153.92
35.241.34.106
35.71.131.137
38.68.201.140
44.208.128.231
44.210.31.106
44.212.188.189
50.31.142.31
51.222.39.185
52.223.22.214
52.4.80.63
54.157.170.29
54.221.166.70
54.236.114.111
54.239.38.253
63.251.86.49
63.251.86.50
68.67.160.137
68.67.160.75
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.81
8.28.7.83
8.28.7.84
8.39.36.142
8.43.72.97
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9
0268cdb70a38d6d5f08308884d07ffc2bdef635c0658d134e1a7d2ba2f1cf5c8
02d3ed522826ea7593c553e235a86b94eb65703d5e7a53ce3b87fc9ae51b7975
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c
0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11de1ddbb4162e02aa4affd850e901836d332e087c3aac3604a971dc4d2f2c01
1544e43ec27c6b71ef0760af8c4305e1d3edeee7c03138f2ee539b1a8580ac58
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c641d6ffba288e8c3aa659e344f5078e06bef643a3f70b738a107f5225d9a7
18ca411a5940f1699389ca08fa3a0173cb29d00c3d04726ca532e6519b847e5e
1a609e03ee829de7700174fe87ea28bd52c3d4e38a5dfd55ba975c5b39383b71
1b5d32e056bc3ab72bddd2b3d3a1ae15ee13afae22636867109a660cfea064ad
1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d
1d949d7fbe7bb0064c62827e80cdf1fb7ab581e0f505589fa8e36721fe22c9f5
1e1306d384cb6f515c0d7a3d47ff5037158f59dd6b476c8029a68429bb77063f
20895e64fdd28d1b1259a68c123ab86947a12d0408ffdefb1060b9152b8c01c2
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266582ebd78658e727e305cd41e2322d7f609f05d9085d5c07b5155a1ef0db72
29cf64f2803d13b3dd5fa49d8e9fbbd9808168fbf0885fa80379c95b0be4d2f2
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6d92f0118d445dfdde3874d9d440d55baa2f68a4926b68d350d362c4fd787a
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce
312ec018c251b3b6a170685ba27664b9a2fcba4c72d6178734e51b9a89844ca7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34787464e140d5204aaa1d5582db39538f3cdb2ff72e17daa2b88bdc739b0d81
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
371dedf7de0db5146a3d67d490d968951d5098b692b72a22364f0886a830b093
37ee14a863ff71490b976ec2dd4891f72aaa350cbae91ea6590fa079a17ca482
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3b1f2f24f9238e5c4e0664908eaa7a2b7c22df3dbb8e5c054cdbd17faee21a05
3b4ee1774ed4fa693e66c07b19a8c8a08ab1a977b5493e64b9a55be5ac6ef84b
3e39b4b63e11dc12a31c99d45e033e2700b248dfcf23ec9663af26b375978276
3e6297a42d20c71ca777f68400b7ebadec574018ca39062469821c99fec9a50f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
444d29444b12bd41e1d0d28ab044606647c03c21a84fd42fd78b430d12023f8f
4517329a1a3efcb408a4d33f16b3b7b56ee8472ed54533efebb2627532c9ecf1
45743643f59f16035654fdd211460a86c9b3572ef7faaa109a8d41350ee624d3
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
466fa9d542d97ff29e7394170a360f14c03bcc1fbf79c0d14bae574dc3f11cab
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49ebf0bdd576265a71f5c6bc6ba67fef24915d414dc8b2597c409cda4bbf2ffa
4a75c6f77d0be8906f6b1845fd5a8bd7611e3f25533c61ff054a35c4a1758e6d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
5008c5ece0fc4bfc91cc04ba0209a1c808c27835e6cb2859a336e5ab6f232da7
5100114c81972af7136eb0a8342be9526e84ee64048b648993e3b19ed3fd13a2
513fa8fb5152c6d2ee561f013f5ee5f10fae26f24864f8b0a5e4d09f8f9a5a61
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57e302cbd822a261cda9cf3fa747ef1beb8bf00acda6f79d76f007a2d7b44216
5c68d890e609a033fe79187db62bdf52c097db5830fcf6a32b5da96b1c5afe5f
5daf3ddd0d8644eaaf32623d688bc566f5c0085f28fe8a3b9010fe243fe2343e
5ef253d202cb1593cf874a852df034049e821c1d0c6365d63d22c52d34d7a457
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62067d30a82c5fa271f263c2bca39a7091afb9fb6ebcd321190e17c489b7529c
6899fddcfe69388ba17a95eb9b4768f3e0d5eee6aebb1c25a786fe28213f496b
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6aa04e96e8956a78e9c23c30c7e45deb74c804705d48cdc67b825695174406a8
6ae19d089b3e0cc99f179f96b84d9f0b881a17a6cd354910a546480b40b068b4
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef
70b3d660cfa369db69d2a34a66590c51ae01c59e1e5e153b8fdb5ba27c33b97f
723589e86355c5e053b1e56ece7a7e6f517de9d67c6d128641f8a1f5dfdc9b16
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373
7d023f18fa0dabb2d29a1926fe8e6e0f794724f4359ceb19869a409a1e7e98a0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca
83cea0e6811a07f7a7c0c7988ecce5ae88c7d68add131d570206723737ab607a
88d0d43b3282611a985006450920215805727a36b640118614100896a05d6703
8941f19dc443373147a8e47863cfee85ba13770d855b9de7e8d2eaf1820554ca
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8c1c37f88b414e3253ba00b858539d6b37d45a42d1997d6c9722a71925824b48
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310
973d61ffd9b8fc5464a6d8fcf39f4d518e79fa361c231c7476fd84d0c43a3990
97d3a1f785335ca684363a71653825817fb87578e6cc36b885614a5bb469a17d
97eec64c82270abd3007d7422bb5bdadb7e5284d214927ee9f1178a239409918
97eed46fbdba21a0f9d7bae678429a048fe9f4112f890dc9d3486cbb7c87c20e
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9bd1c04468c18abf9010ddb236bc7303af83acad77b42afe8cec2f469248cdf2
9c4d58aadd59e1cedc90cef210d1f7d5e6b06a8a28c5366b609e790d6a96dab6
9da52faec6701f465e4f9d2e3edc8d69fb0913204dfe96cbd8cf835b4da7bf78
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b55701c2d203968a39407f3ad5cee1130cda7ebb47c4100f24513e0add25c4e1
b60a514edd6504bc0b32248d47c8071f7fa846e134ab2da6dcc9b66f37d1d9c4
b69c1ee662af72e770d4e2fb06732b3a4a7fe69e9ed6f01b6bc9cda4cb077357
b768a60e29472accdc1c52bf54069169b033481a0866608643e369e9c6b5429c
b9781006eadf402f4feba4449c9c94faefdf6c209fd367f1ffbb25e25653ab5c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2803a6c3d48a023daf4db4bf1747ca82522ddbc951350aef12d88f1ba2a96a7
c366f3a0be47d8f92a9000fd3bebadd47200f8a260a04f2a4e6d76c374214c0a
c434dd6ec2695636ee632be0021ace68f74ac6cf12b55a541398c81becdb8d45
c43af58cde25e8d8df0c92e5554bb499a60788f40c136444a0b4d8f617e3b2a6
c48405cd099aeaefe68cbb972e3fd9e46fae50a6f75cffd3b84814e24cc744ad
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461
cdee63d72ac76a05d78dc43fa57f4d4b83b9df318002159648e7ab936c7e3ad4
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80
d4bf69b34c6038e7fc2852ff4f609937290ecfe6de8db4eadda8b50250cd8c84
d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dcd17d87223e4a3c2032ebf5197703e662d81c36f61f73e13667dacf2931d291
dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c
dedfa3cefe6af2ded8b1839d92d2f928c6a1c5359bcd247a0ff28b0b14610cb4
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e21e5736e7ba932e78de6ff5300d956c21505f13965d6a083a40c35ae568b81d
e253cf6ef58d361e7561f124f7048dd35f38736495dcc3f3dca368105f500448
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e3e83b75cf467cca5fe56d85cf4537e08f346153fea2ef35a62e82bedacf414a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb84d55d0eff18a727382e14c781549b9157e06de76f7fd0fbd1ba3993ef47d3
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee98ded0bc48e44e38a199fdfed06c41020b513bb16d14e877a5d4fd81096e0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f944b4d78cfac8ea5eb30b3445a8c0d393d46e8b625878d10ab29079c97d9638
fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2
fbaac91675e4fb73e0e243081c362535d0160dd5713886ecd67d07b563d847f7
fd72bde488a217bf2a5af538455b9eaee01538d383f35b504e0759e8a9461482
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe7ed849b743afe9beee14126199ea23ba03538787efa192ea7ff3e0bfb71188