www.inc.com Open in urlscan Pro
151.101.13.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Submission Tags: falconsandbox
Submission: On January 15 via api (January 15th 2021, 10:15:51 pm UTC) from US

Summary HTTP 122 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 49 domains to perform 122 HTTP transactions. The main IP is 151.101.13.54, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.inc.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on August 19th 2020. Valid for: 8 months.

This is the only time www.inc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	151.101.13.54 151.101.13.54	54113 (FASTLY) (FASTLY)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.193.54 151.101.193.54	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	52.217.99.142 52.217.99.142	16509 (AMAZON-02) (AMAZON-02)
3	143.204.215.12 143.204.215.12	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:eb:... 2a02:26f0:eb:3b1::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.113.54 151.101.113.54	54113 (FASTLY) (FASTLY)
2	151.101.114.59 151.101.114.59	54113 (FASTLY) (FASTLY)
3	2a02:26f0:eb:... 2a02:26f0:eb:390::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	104.111.247.126 104.111.247.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	34.253.102.121 34.253.102.121	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a02:26f0:eb:... 2a02:26f0:eb::214:bdd3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e0:... 2606:4700:e0::ac40:6704	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:4da5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.251.167.52 34.251.167.52	16509 (AMAZON-02) (AMAZON-02)
1	143.204.214.185 143.204.214.185	16509 (AMAZON-02) (AMAZON-02)
2	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
3	34.241.227.67 34.241.227.67	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 4	2600:9000:206... 2600:9000:206f:9000:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.255.237 13.35.255.237	16509 (AMAZON-02) (AMAZON-02)
1	52.49.59.93 52.49.59.93	16509 (AMAZON-02) (AMAZON-02)
1 1	34.253.145.149 34.253.145.149	16509 (AMAZON-02) (AMAZON-02)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	65.9.58.118 65.9.58.118	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	69.195.148.66 69.195.148.66	19969 (JOESDATAC...) (JOESDATACENTER)
1	54.163.116.114 54.163.116.114	14618 (AMAZON-AES) (AMAZON-AES)
1	35.168.139.27 35.168.139.27	14618 (AMAZON-AES) (AMAZON-AES)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1	3.213.50.82 3.213.50.82	14618 (AMAZON-AES) (AMAZON-AES)
2	52.73.237.132 52.73.237.132	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:d400:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.190.28 52.49.190.28	16509 (AMAZON-02) (AMAZON-02)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:170... 2a02:26f0:1700:498::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	3.225.38.72 3.225.38.72	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	57

4 151.101.13.54 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.inc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.54 (United States)

ASN54113 (FASTLY, US)

assets.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
one.mansueto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.99.142 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3b1::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.54 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.inc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.59 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.incimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:eb:390::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.247.126 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.219.144 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.102.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-102-121.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb::214:bdd3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6704 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:4da5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.251.167.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.185 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-185.fra53.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.227.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:9000:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.255.237 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-237.fra6.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.59.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mansueto.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.145.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ac.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.195.148.66 (Kansas City, United States)

ASN19969 (JOESDATACENTER, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.116.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.139.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)

grunerandjahr.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.50.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

srv-2021-01-15-22.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.237.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Sweden)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d400:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.52.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.190.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-190-28.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:498::268b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1370 (Sweden)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.38.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

be.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	consensu.org cdn.conversant.mgr.consensu.org api.conversant.mgr.consensu.org	173 KB
7	ml314.com ml314.com in.ml314.com	15 KB
7	skimresources.com 1 redirects s.skimresources.com r.skimresources.com t.skimresources.com p.skimresources.com	16 KB
6	facebook.com www.facebook.com	652 B
6	inc.com www.inc.com assets.inc.com	1 MB
5	keywee.co 1 redirects cdn.keywee.co pixel.keywee.co	35 KB
5	tinypass.com experience.tinypass.com cdn.tinypass.com id.tinypass.com	130 KB
5	mansueto.com one.mansueto.com	82 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	100 KB
4	demdex.net dpm.demdex.net mansueto.demdex.net	3 KB
4	lightboxcdn.com www.lightboxcdn.com	142 KB
4	amazonaws.com s3.amazonaws.com	71 KB
3	durationmedia.net tag.durationmedia.net be.durationmedia.net	25 KB
3	google.de www.google.de	703 B
3	google.com 2 redirects www.google.com	1 KB
3	facebook.net connect.facebook.net	162 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adobedtm.com assets.adobedtm.com	108 KB
3	adlightning.com tagan.adlightning.com	62 KB
3	moatads.com z.moatads.com mb.moatads.com px.moatads.com	71 KB
2	qualtrics.com zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com siteintercept.qualtrics.com	17 KB
2	googleadservices.com www.googleadservices.com	14 KB
2	cxense.com cdn.cxense.com	31 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1005 B
2	adsrvr.org 2 redirects match.adsrvr.org	926 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	774 B
2	chartbeat.net ping.chartbeat.net	337 B
2	2o7.net grunerandjahr.112.2o7.net	646 B
2	queryly.com www.queryly.com	10 KB
2	parsely.com cdn.parsely.com srv-2021-01-15-22.pixel.parsely.com	18 KB
2	amazon-adsystem.com c.amazon-adsystem.com	33 KB
2	connatix.com 1 redirects cd.connatix.com cds.connatix.com	253 KB
2	fastclick.net secure.cdn.fastclick.net	19 KB
2	incimages.com www.incimages.com	4 KB
2	typekit.net p.typekit.net use.typekit.net	17 KB
1	googlesyndication.com pagead2.googlesyndication.com	6 KB
1	eyeota.net ps.eyeota.net	344 B
1	dotomi.com proc.ad.cpe.dotomi.com	590 B
1	azurewebsites.net lightboxapi.azurewebsites.net	785 B
1	realvu.net ac.realvu.net	8 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	npttech.com www.npttech.com	3 KB
1	polyfill.io cdn.polyfill.io	2 KB
1	googletagservices.com www.googletagservices.com	19 KB
1	fastcompany.com assets.fastcompany.com	69 KB
122	49

	Domain	Requested by
6	www.facebook.com	www.inc.com
6	ml314.com	www.inc.com ml314.com
5	one.mansueto.com	assets.inc.com
5	cdn.conversant.mgr.consensu.org	www.inc.com secure.cdn.fastclick.net cdn.conversant.mgr.consensu.org
4	www.googletagmanager.com	tagan.adlightning.com www.googletagmanager.com
4	cdn.keywee.co	1 redirects www.inc.com cdn.keywee.co
4	www.lightboxcdn.com	www.inc.com www.lightboxcdn.com
4	s3.amazonaws.com	www.inc.com
4	www.inc.com	assets.inc.com
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	www.google.de	www.inc.com
3	www.google.com	2 redirects www.inc.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
3	dpm.demdex.net	assets.adobedtm.com www.inc.com
3	sb.scorecardresearch.com	1 redirects www.inc.com
3	assets.adobedtm.com	www.inc.com assets.adobedtm.com
3	tagan.adlightning.com	www.inc.com tagan.adlightning.com
2	googleads.g.doubleclick.net	1 redirects tagan.adlightning.com
2	be.durationmedia.net	tag.durationmedia.net
2	www.googleadservices.com	www.googletagmanager.com tagan.adlightning.com
2	id.tinypass.com	cdn.tinypass.com
2	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	ping.chartbeat.net	www.inc.com
2	grunerandjahr.112.2o7.net	assets.adobedtm.com
2	www.queryly.com	assets.inc.com www.inc.com
2	p.skimresources.com	www.inc.com
2	t.skimresources.com	www.inc.com s.skimresources.com
2	r.skimresources.com	1 redirects www.inc.com
2	c.amazon-adsystem.com	s3.amazonaws.com c.amazon-adsystem.com
2	ssl.google-analytics.com	1 redirects www.inc.com
2	experience.tinypass.com	www.inc.com cdn.tinypass.com
2	secure.cdn.fastclick.net	www.inc.com secure.cdn.fastclick.net
2	www.incimages.com	www.inc.com
2	assets.inc.com	www.inc.com
1	siteintercept.qualtrics.com	zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com
1	zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com	tagan.adlightning.com
1	www.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	ps.eyeota.net	www.inc.com
1	tag.durationmedia.net	assets.adobedtm.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	srv-2021-01-15-22.pixel.parsely.com	www.inc.com
1	cdn.tinypass.com	experience.tinypass.com
1	in.ml314.com	ml314.com
1	pixel.keywee.co	www.inc.com
1	securepubads.g.doubleclick.net	tagan.adlightning.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	ac.realvu.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	mansueto.demdex.net	assets.adobedtm.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	assets.adobedtm.com
1	d1z2jf7jlzjs58.cloudfront.net	www.inc.com
1	www.npttech.com	www.inc.com
1	use.typekit.net	assets.inc.com
1	cds.connatix.com	www.inc.com
1	cd.connatix.com	1 redirects
1	px.moatads.com	www.inc.com
1	mb.moatads.com	z.moatads.com
1	s.skimresources.com	www.inc.com
1	cdn.polyfill.io	www.inc.com
1	p.typekit.net	www.inc.com
1	www.googletagservices.com	www.inc.com
1	assets.fastcompany.com	www.inc.com
1	z.moatads.com	www.inc.com
122	69

This site contains no links.

Subject Issuer	Validity	Valid
mansueto.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-19` - `2021-04-23`	8 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
www.incimages.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-04` - `2022-02-12`	2 years	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
cdn.conversant.mgr.consensu.org Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2020-01-10` - `2021-04-10`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-27` - `2021-05-05`	6 months	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.keywee.co Amazon	`2020-06-01` - `2021-07-01`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh
www.queryly.com Go Daddy Secure Certificate Authority - G2	`2020-04-19` - `2022-06-02`	2 years	crt.sh
*.112.2o7.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2021-04-27`	2 years	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.durationmedia.net Amazon	`2020-09-07` - `2021-10-07`	a year	crt.sh
*.eyeota.net R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2020-03-31` - `2022-06-06`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Frame ID: D1933C446C43FDD518989BB0A0F30A74
Requests: 117 HTTP requests in this frame

Frame: https://cds.connatix.com/p/92215/connatix.playspace.dc.js
Frame ID: 1420A95777DF0D849DCA11660B059D85
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/lightbox.js?mb=1610748901288&lv=1
Frame ID: 7EC9904619EC1A7F47593EFD7367F962
Requests: 2 HTTP requests in this frame

Frame: https://mansueto.demdex.net/dest5.html?d_nsid=0
Frame ID: 4BE6C8AE062931C1B324A04FCBE3C543
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8801883494302525
Frame ID: 068797BA43DA6A43806733217B7E850B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

122
Requests

100 %
HTTPS

35 %
IPv6

49
Domains

69
Subdomains

57
IPs

8
Countries

2955 kB
Transfer

10690 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/92215/connatix.playspace.dc.js

Request Chain 35

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1755852784&utmhn=www.inc.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Login%20%7C%20Inc.com&utmhid=55892339&utmr=-&utmp=%2Flogout%3Fret%3Dhttp%25253A%25252F%25252Fklukvaint.obrazovanie46.ru%25252Fbur%25252F&utmht=1610748901379&utmac=UA-98096820-1&utmcc=__utma%3D247916127.1803083262.1610748901.1610748901.1610748901.1%3B%2B__utmz%3D247916127.1610748901.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=329178093&utmredir=1&utmu=qgAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784&slf_rd=1&random=2586923691

Request Chain 36

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 37

https://sb.scorecardresearch.com/b?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&c9=&cs_ak_ss=1

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=20610313951091270323436209458189985455 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAIT5QAAABlKTRz6

Request Chain 56

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01EW41VEH4Q80B3XXMH55BX5GF&persistence=1&checksum=99286c679923c456c4219c2b2914cb078ead6e53cc15e18077b95088eb861376

Request Chain 88

https://idsync.rlcdn.com/395886.gif?partner_uid=3615981956513136642 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNTk4MTk1NjUxMzEzNjY0MhAAGg0I5qeIgAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=7e9d53ba0375775ca9ccf817815908cddb3df7f9c5a9fbc6d971576ab4e29f79f4cb09cee1a4f8eb&person_id=3615981956513136642&eid=50082

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=11418b3d-7d1e-4659-95ef-e110fa284fe8

Request Chain 90

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3615981956513136642 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3615981956513136642 HTTP 302
https://ml314.com/csync.ashx?fp=afba6071ea25ec73d2c0383270a27b09&eid=50146&person_id=3615981956513136642

Request Chain 105

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5hMCYM6EG4qSrASWxJjQAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5hMCYM6EG4qSrASWxJjQAw&cid=CAQSKQCNIrLMtIM9qGf-3R8LAxUggSjtzuVLK7xMZVAd_JES4B56QyLiLhqH&random=3097641232&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5hMCYM6EG4qSrASWxJjQAw&cid=CAQSKQCNIrLMtIM9qGf-3R8LAxUggSjtzuVLK7xMZVAd_JES4B56QyLiLhqH&random=3097641232&resp=GooglemKTybQhCsO&ipr=y

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request logout Show response
www.inc.com/ 21 KB
7 KB 506ms
461ms Document
text/html 151.101.13.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4e772b81a8ad3cc8f394d8c9adef4e6ffe30693244e80ce1d2144ac871a6b7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.inc.com
:scheme: https
:path: /logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
etag: W/"52e8-AvG6gbOE5IxehAEyYaUhO/oB1Qk"
content-encoding: gzip
x-by: 05d644beebe5ec4a1:build-com
accept-ranges: bytes
date: Fri, 15 Jan 2021 22:15:00 GMT
via: 1.1 varnish
x-served-by: cache-fra19164-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1610748900.342813,VS0,VE440
geoip-city: Amsterdam
geoip-countryname: Netherlands
geoip-latitude: 52.311
geoip-postalcode: 1101
set-cookie: fastlygeo=Amsterdam:Netherlands:1101:185.212.171.67; expires=Fri, 15 Jan 2021 22:15:10 GMT; path=/; X-abtest=a; path=/; domain=inc.com
vary: Accept-Encoding
last-modified: Fri, 15 Jan 2021 22:15:00 GMT

GET
H2 200 yi.js Show response
z.moatads.com/mansuetoprebidheader15141606144/ 196 KB
69 KB 69ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mansuetoprebidheader15141606144/yi.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6b53b0803e3f406d68624144a6df2e11afecf25db89178b0f94b16a7f1675166

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:00 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 22:07:03 GMT
server: AmazonS3
x-amz-request-id: 35DB45A15BB2B79D
etag: "3b892a58567a376d62f0c74596da2e2f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14024
accept-ranges: bytes
content-length: 70546
x-amz-id-2: vn6FNvGdXdzZFfrGW+TyMpCjodgO87qw9+vU/Y2UMj+tSacqT8eaLT0k+DYAijdSnmSEjZi0viw=

GET
H2 200 prebid_3.6.js Show response
assets.fastcompany.com/assets/js/vendor/prebid/ 218 KB
69 KB 62ms
18ms Script
application/javascript 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fastcompany.com/assets/js/vendor/prebid/prebid_3.6.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 370e8e3735b01fd02fbe8e23bcd5d1904a4d640a53ab9d98f056ce2a482fee7d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:00 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 010a88b6d5581241a:s3-redirect
x-cache-hits: 1, 2
content-length: 69927
x-served-by: cache-bwi5148-BWI, cache-ams21057-AMS
last-modified: Wed, 05 Feb 2020 21:29:56 GMT
server: nginx
x-timer: S1610748901.849539,VS0,VE0
etag: W/"ade282153d100ea8ff87a60188b44c50"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000
accept-ranges: bytes
expires: Sun, 01 Dec 2030 07:17:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd175c2a42681d098607b1ac4d8803ff784679be35f25b6a1d87d05fa7f0a2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "756 / 520 of 1000 / last-modified: 1610712614"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18756
x-xss-protection: 0
expires: Fri, 15 Jan 2021 22:15:00 GMT

GET
H/1.1 200
OK mansueto_tam.js Show response
s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/ 534 B
955 B 451ms
153ms Script
application/javascript 52.217.99.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/mansueto_tam.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.142 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f5fa155d6255d27071255802f89607b32018e797ee5a10c579b8654a11c36a2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Last-Modified: Mon, 24 Feb 2020 18:33:16 GMT
Server: AmazonS3
x-amz-request-id: EF694C168256AA7A
ETag: "a08ae130d1a76e8205ee939debc9a4e2"
Content-Type: application/javascript
x-amz-version-id: ftpDjBw1Tb2iI6ZzpwES1OfAUJnhtjXq
Accept-Ranges: bytes
Content-Length: 534
x-amz-id-2: esbtvwWIt1oFb7g4QViI6T/r7xkF8p6y0F6AU+82d47Lxhm/fF2nlqNjaZGHVec/Kk5LU9jf7xM=

GET
H2 200 op.js Show response
tagan.adlightning.com/mansueto/ 37 KB
14 KB 154ms
85ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/op.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f4a7f4884577bd3a93526ced14696957e357f181278dafe9c766c7d1ab1fc0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:09:51 GMT
content-encoding: gzip
age: 311
x-cache: Hit from cloudfront
content-length: 13429
x-amz-meta-git_commit: 9a4f7ce
last-modified: Fri, 15 Jan 2021 22:09:48 GMT
server: AmazonS3
etag: "2599b21574d51230a12825ee6e241fae"
x-amz-version-id: UZVfKQB0l._isKd17UqCZK1u7TjvHQwH
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mgaZYFr_GFImqldXIwAhiZb3sespi_vZDKMlL4EO6nsQaYWUBaClQg==

GET
H/1.1 200
OK inc_keywee.js Show response
s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/keywee/ 295 B
716 B 112ms
111ms Script
application/javascript 52.217.99.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/keywee/inc_keywee.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.142 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9517437331f4bce7dd1cb91d0bf4083bab59a49b424e751e82561db8f367c404

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Last-Modified: Thu, 17 Dec 2020 17:01:24 GMT
Server: AmazonS3
x-amz-request-id: 0B18131603DE39E6
ETag: "cd6e26ffa8442c205f040224e099c402"
Content-Type: application/javascript
x-amz-version-id: P3QcmCr3Yc6nq0Au7VRN6W.v5B7ZAel6
Accept-Ranges: bytes
Content-Length: 295
x-amz-id-2: tsMiZRuElYkq+c4UQRgyco6ao2fsBuapda/nr47mzUhM1qrMNCww17Dv6e2A0WNzXB8K+5W/BtM=

GET
H/1.1 200
OK connatix_inc.js Show response
s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/connatix/ 370 B
791 B 443ms
129ms Script
application/javascript 52.217.99.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/connatix/connatix_inc.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.142 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2dc76e4fe5928089997a62ff369e65385bdd723fed60cb3e2cf9e75147355359

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Last-Modified: Mon, 14 Dec 2020 19:08:21 GMT
Server: AmazonS3
x-amz-request-id: 653A4995E21A96B4
ETag: "bc07dbc0fb13f2cd655ae1b22e76f2ab"
Content-Type: application/javascript
x-amz-version-id: DGFZFYOipejoBiu_z4zGMqv8Xbl3.9QF
Accept-Ranges: bytes
Content-Length: 370
x-amz-id-2: NuiZu+NImdbrnBOJSsgmawh1yfMlnzcAwW9XYYtmnewDpE2PdP1VAOcDAfsA84CwU4DiwySyjsg=

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 19ms
7ms Stylesheet
text/css 2a02:26f0:eb:3b1::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ixv6uvw&ht=tk&f=17023.24384.24385.24386.24387.39877&a=19253036&app=typekit&e=css
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3b1::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:00 GMT
last-modified: Wed, 02 Sep 2020 04:03:39 GMT
server: nginx
etag: "5f4f199b-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 app.bd66da7fba78a435d1a2148099950a8a.css
assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/ 338 KB
46 KB 162ms
107ms Stylesheet
text/css 151.101.113.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0236966117fd76b61e81ec439b64aa726f70b98b2ac2cd71b6f6e90cd1c381

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:00 GMT
content-encoding: gzip
geoip-postalcode: 1101
age: 17106
x-cache: HIT, MISS
x-by: 0932149ecf23da196:inc-assets:ansible
geoip-latitude: 52.311
content-length: 46250
x-amz-id-2: tNjqGIKgosujDzIdwN97mJ+tc9QbP2HCNSFvgtQ2FBJnsA54yh759AorS+BAx4xNkb+B10BrpjE=
x-served-by: cache-bwi5150-BWI, cache-hhn4045-HHN
last-modified: Fri, 15 Jan 2021 15:27:56 GMT
server: nginx
cache-control: max-age=315360000
x-timer: S1610748901.863650,VS0,VE86
etag: "9bc62e6beaec5492a39fc8dd899d509c"
vary: Accept-Encoding
x-amz-request-id: FWFY4S9Z0PDT9SAP
via: 1.1 varnish, 1.1 varnish
expires: Mon, 13 Jan 2031 17:29:55 GMT
geoip-countryname: Netherlands
accept-ranges: bytes
content-type: text/css
geoip-city: Amsterdam
x-cache-hits: 4017, 0

GET
H2 200 inc-logo-black.png
www.incimages.com/ 3 KB
3 KB 87ms
22ms Image
image/png 151.101.114.59
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.incimages.com/inc-logo-black.png

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.59 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

2a8ac8fc91d686353ef48b2fe4ffea742f32e664e786810c4d5f59feef9e9aa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
etag: "34428e9-bdb-56868f15cf31c"
x-cacheable: YES
age: 683178
x-cache: HIT
x-cache-hits: 2
content-length: 2926
x-served-by: cache-hhn4039-HHN
last-modified: Tue, 27 Mar 2018 18:20:18 GMT
server: Apache/2.2.15 (CentOS)
x-timer: S1610748901.330222,VS0,VE0
date: Fri, 15 Jan 2021 22:15:01 GMT
vary: Accept-Encoding
content-type: image/png
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=15552000
accept-ranges: bytes
expires: Wed, 07 Jul 2021 00:28:43 GMT

GET
H2 200 launch-ENf6f754d17779412f8d246f49c783f295.min.js Show response
assets.adobedtm.com/ 476 KB
94 KB 26ms
7ms Script
application/x-javascript 2a02:26f0:eb:390::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:390::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a3556d5f8e76ec0814c42cd888745353e9ccd932137b842c45840861c8c3c43f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 15:54:42 GMT
server: AkamaiNetStorage
etag: "df8ddb05f42c297c775d3fe434bd34b8:1610034882.709688"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 96178
expires: Fri, 15 Jan 2021 23:15:01 GMT

GET
H2 200 app.e1e52578e9d9e7d1112e.js
assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/ 4 MB
960 KB 111ms
111ms Script
application/javascript 151.101.113.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.e1e52578e9d9e7d1112e.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
geoip-postalcode: 1101
age: 16357
x-cache: HIT, MISS
x-by: 0cc7f40058837425d:inc-assets:ansible
geoip-latitude: 52.311
content-length: 981688
x-amz-id-2: n9M3AAPF1/d2zfuABpfaj0EkyAHjcpqQkxyqjmQGxjimoSwSfEzFPp4GF41v9XYY0yeNM2blhQo=
x-served-by: cache-bwi5145-BWI, cache-hhn4045-HHN
last-modified: Fri, 15 Jan 2021 17:38:06 GMT
server: nginx
cache-control: max-age=315360000
x-timer: S1610748901.252796,VS0,VE90
etag: "38a5bd289f53668c5e41f007f6fe249a"
vary: Accept-Encoding
x-amz-request-id: AC2311B398A345CE
via: 1.1 varnish, 1.1 varnish
expires: Mon, 13 Jan 2031 17:42:24 GMT
geoip-countryname: Netherlands
accept-ranges: bytes
content-type: application/javascript
geoip-city: Amsterdam
x-cache-hits: 4003, 0

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 6 KB
2 KB 9ms
6ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=es6

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85f410b417afe9d4669ad814a4f03e662f4ab6168144694faedf7f332275307f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 17937
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=15578, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 1384
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Jan 2021 13:50:28 GMT
date: Fri, 15 Jan 2021 22:15:01 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gdpr-cmp-stub.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/ 1 KB
995 B 88ms
24ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/gdpr-cmp-stub.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
content-length: 667
last-modified: Mon, 07 Dec 2020 18:40:53 GMT
server: Apache
etag: "48a-5b5e42a78580d"
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 73ms
22ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 17:01:32 GMT
server: Apache
etag: "2988-5ab9781f71d34-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Fri, 15 Jan 2021 22:30:01 GMT

GET
H2 200 122276X1582760.skimlinks.js Show response
s.skimresources.com/js/ 36 KB
14 KB 71ms
21ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/122276X1582760.skimlinks.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b0bc9db1ee6d17f92fd9f0f3a536f3b62a01a1fff913fa1555f08d40c978802

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 13:56:47 GMT
server: AmazonS3
x-amz-request-id: D4E005EB68816CFA
etag: "97cb8cea46588704e8548c17228174eb"
x-hw: 1610748901.cds006.lo4.hn,1610748901.cds229.lo4.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13867
x-amz-id-2: BpsxW3iC//bk3GhomrxM5PtrFzppCCHeVduz6gCmY/YIfMDf6hblJ/leax1QNEi1tOmelEAscs8=

GET
H2 200 yi.js
mb.moatads.com/ 1 KB
1 KB 1001ms
923ms Script
text/html 34.253.102.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&confidence=2&pcode=mansuetoprebidheader15141606144&callback=MoatNadoAllJsonpRequest_37360015
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mansuetoprebidheader15141606144/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.102.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-102-121.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "fcc47e53882b7760088df4e489b31cdaef824d4c"
content-length: 1192
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1610748900908&de=681115461058&d=MANSUETODFPCW_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=b2249ce-clean&iw=d42bd62&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=inc.com&bd=inc.com%2Flogout&ac=1&bq=11&f=0&na=324458044&cs=0
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 15 Jan 2021 22:15:01 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/92215/ Frame 1420
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/92215/connatix.playspace.dc.js

1 MB
253 KB

55ms
15ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/92215/connatix.playspace.dc.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40026522ccc3a54d113eccee6a55ab2071d15e0da3a91d68622a1683dfd0f58a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: HgUDODLTM4ZolqpftoN.PxbJoQH9ESlo
via: 1.1 varnish, 1.1 varnish
etag: "3971c0674f571c7ed6a759b60a786c8f"
age: 27353
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 258775
x-served-by: cache-dca17722-DCA, cache-ams21049-AMS
last-modified: Fri, 15 Jan 2021 14:30:06 GMT
x-timer: S1610748901.390387,VS0,VE0
date: Fri, 15 Jan 2021 22:15:01 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 2, 3807

Redirect headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-hhn4025-HHN
x-cache: HIT
location: https://cds.connatix.com/p/92215/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1610748901.304565,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 roboto-v20-latin-500.woff2
one.mansueto.com/assets/fonts/roboto/ 16 KB
16 KB 354ms
311ms Font
application/octet-stream 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://one.mansueto.com/assets/fonts/roboto/roboto-v20-latin-500.woff2
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14 /
Resource Hash

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 varnish
last-modified: Thu, 11 Jun 2020 17:15:03 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14
x-timer: S1610748901.312218,VS0,VE296
etag: "3e00-5a7d219eafb72"
x-served-by: cache-ams21040-AMS
vary: Cookie
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15872
x-cache-hits: 0

GET
H2 200 l
use.typekit.net/af/1783fb/00000000000000003b9b2841/27/ 17 KB
17 KB 18ms
6ms Font
application/font-woff2 2a02:26f0:eb::214:bdd3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1783fb/00000000000000003b9b2841/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb::214:bdd3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5e00ff250c3893cc059009a099e84b493528bf6ee7bfa5f48d7564d81bad6da4

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
server: nginx
etag: "852a0cdd30b9d77bba17128a94987230c3c9c3d2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 17452

GET
H2 200 load
experience.tinypass.com//xbuilder/experience/ 6 KB
2 KB 222ms
199ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com//xbuilder/experience/load?aid=AezVxbkgJt&ccb=b1a

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 07a9b6cfbd0000c2a9a1b3c000000001
x-request-id: C1txzmqsK7X
wn: prod-exp-10-0-119-22
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 6122f3f92b38c2a9-FRA
expires: Fri, 15 Jan 2021 22:45:01 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 81ms
61ms Script
application/javascript 2606:4700:e0::ac40:6704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6704 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6222
content-type: application/javascript
x-amz-request-id: A27C212E2231D899
x-amz-id-2: 1cd2S2WOvb8G1v6HhOOni90/eIlZtIGi7dwRoYQbHPFhDHUXZRY7neebruxV0Y4+WgfDzXsJLfY=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJUHUSXfSEppz46HU3G8VBqJX9QkX3cSk%2B6ysnevMuMwbIHsDJX3fVyi4FTZkIiT4HBghlsHqF56%2FM45vbBZ9nHDSRkwkWmDe7OziZ5k3vRTga4WKCAoXb9wsoM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 07a9b6cfd400002ba1d417d000000001
cf-ray: 6122f3f94fbb2ba1-FRA

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 69ms
23ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 16 Jan 2021 22:15:01 GMT

GET
H/1.1 200
OK chartbeat_video.js
s3.amazonaws.com/static.chartbeat.com/js/ 69 KB
69 KB 122ms
122ms Script
binary/octet-stream 52.217.99.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.99.142 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Last-Modified: Wed, 14 Oct 2020 02:31:48 GMT
Server: AmazonS3
x-amz-request-id: 15D34A59DE4C2AD5
ETag: "c887ff316bb444ebce177eaefd6c205b"
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 70380
x-amz-id-2: TKflTrPulw0erhfdjj0AWLD5Ud08iflTJF83O9ktVHiDkVMvGA0M6yGJkiOW/Cx8nbYKaujThkc=

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6991
date: Fri, 15 Jan 2021 20:18:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 15 Jan 2021 22:18:30 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/ Frame 7EC9 326 B
591 B 46ms
28ms Script
application/javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/lightbox.js?mb=1610748901288&lv=1
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: efaa8d7751913fa5bb57d78e2bf70b533f0b2cb798da7949da81edcc8c3b388c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 3029
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6122f3f98e3fd729-FRA
cf-request-id: 07a9b6cff20000d72923245000000001

GET
H/1.1 200
OK tag.aspx
ml314.com/ 26 KB
12 KB 129ms
34ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1502021
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 07:31:05 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=33363
Connection: keep-alive
Content-Length: 11933
Expires: Sat, 16 Jan 2021 07:31:05 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 88ms
32ms Script
application/x-javascript 143.204.214.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.185 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-185.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 02:33:52 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Age: 70831
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/x-javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Qpl75R2WgG-XCcyJzAMQ9ftegsWImlJE4l-wuaOBQvXKIynjl0J9IA==
Expires: Sat, 16 Jan 2021 02:33:52 GMT

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 85ms
39ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/mansueto_tam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
content-encoding: gzip
server: Server
age: 310
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 15 Jan 2021 22:09:51 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: we7n1QWa7bHRRIPmXLJtnvDAFMfqHeiifnPU3qc33u_t9heQ-OD5yA==

GET
H/1.1 200
OK id
dpm.demdex.net/ 367 B
1 KB 142ms
36ms XHR
application/json 34.241.227.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=283B366E5AFAA4490A495E0C%40AdobeOrg&d_nsid=0&ts=1610748901331

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.227.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v087-084203be0.edge-irl1.demdex.com 5.80.4.20201224153022 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Noh90NDxTTk=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.inc.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:eb:390::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:390::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 15 Jan 2021 23:15:01 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:eb:390::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:390::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 15 Jan 2021 23:15:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: cRMyVILheSG5cxAspiUuTNxcFN3A6Qpft2mK3kvoz9I7Nh4qt+RKVeezwD2jZ4aF36bwfH0S4sQrHJcw8MUwqg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 15 Jan 2021 22:15:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js
static.ads-twitter.com/ 5 KB
2 KB 79ms
27ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 76077
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1610748901.447848,VS0,VE0
x-served-by: cache-fra19143-FRA

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1755852784&utmhn=www.inc.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Login%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784&slf_rd=1&random=2586923691

42 B
107 B

17ms
17ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784&slf_rd=1&random=2586923691

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98096820-1&cid=1803083262.1610748901&jid=329178093&_v=5.7.2&z=1755852784&slf_rd=1&random=2586923691
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

8ms
8ms

Script
application/javascript

2600:9000:206f:9000:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9000:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 11:05:40 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
age: 126562
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cache-control: max-age=259200,public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: CU7wWAoDdL7nUDbHVp8oeqlikvBkyE4UNdIH4YJovN0r8zSsDgDZRw==

Redirect headers

date: Fri, 15 Jan 2021 22:14:36 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
server: AmazonS3
age: 26
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
x-amz-cf-pop: FRA56-C1
content-length: 0
x-amz-cf-id: 6sSS5eDDvo1dpqY291lP0PfbtH6nUanUFnpe3XqTalXPT5sKnm4M_A==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazova...
https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazov...

0
528 B

25ms
23ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&c9=&cs_ak_ss=1
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1610748901385&ns_c=UTF-8&cv=3.5&c8=Login%20%7C%20Inc.com&c7=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 908965139191815 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908965139191815?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5f5e7161217a6a3290b3a429fd0f8e6528f4683accebd3849b938ac02418f39

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70783
x-fb-rlafr: 0
pragma: public
x-fb-debug: IpKmOVegUntsxzmHgBzuE1imI7ObezoMyFNlH5JrRnA1UDRqMEPApM96oAqdchAg+iy5yEpB2/kUADOTmrmXlg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 15 Jan 2021 22:15:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1233477382
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/ Frame 7EC9 787 KB
140 KB 37ms
36ms Script
application/javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/user.js?cb=637454671964650853
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/lightbox.js?mb=1610748901288&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa4ba7e1e2fcddd6c0b5ad1e56eb1520988c5fe15c51e646326cb50b6699daa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: mnlupUlZrMlgH99dNHinSQ==
age: 273700
cf-polished: origSize=1300197
last-modified: Tue, 05 Jan 2021 18:13:16 GMT
cf-request-id: 07a9b6d0160000d729f8227000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 14763015-501e-0131-768e-e34843000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6122f3f9beacd729-FRA
expires: Sat, 15 Jan 2022 22:15:01 GMT

GET
H2 200 1083.js Show response
cdn.keywee.co/config/ 223 B
563 B 10ms
5ms Script
application/javascript 2600:9000:206f:9000:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/1083.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9000:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8308acc1c14ed982c094ff022109168202dbfa2b10ad8d01871f21e5de5c1827

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 21:25:46 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jun 2020 11:41:27 GMT
server: AmazonS3
age: 3469
etag: "54802b83f0cc2322ea9004c9b919b951"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
content-length: 223
x-amz-cf-id: YercxK6NlVapy5H7hwTdWlOyx5-XWDsXAylK6WKhrmKpYF9_8fGrHQ==

GET
H2 200 sp-2.9.1.js
cdn.keywee.co/dist/ 75 KB
26 KB 11ms
7ms Script
application/x-javascript 2600:9000:206f:9000:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9000:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 13:33:11 GMT
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
age: 3400911
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dwPgFt_qmNsLpusqv2AmrEjJvq4-RkkauBflCgloWjS3Fn4yZ8i_uQ==

GET
H2 200 p.js
cdn.parsely.com/keys/inc.com/ 45 KB
17 KB 75ms
27ms Script
application/x-javascript 13.35.255.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/inc.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.255.237 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-255-237.fra6.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Jan 2021 22:59:36 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 16:30:06 GMT
server: nginx
age: 83688
etag: "5f08978e-b578"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: qWV4ZQ4iB4W7JdZVJg0cYKSfJyfGYcT5VMSiRZ3Trcvasu7pFdRWwQ==
expires: Fri, 15 Jan 2021 22:59:36 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 11ms
11ms Stylesheet
text/css 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637454671964650853
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/user.js?cb=637454671964650853
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 273681
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 07a9b6d0840000d72923251000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 1e77aab2-901e-010e-388e-e3ff9f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6122f3fa6ff8d729-FRA
expires: Sat, 15 Jan 2022 22:15:01 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
285 B 28ms
28ms Image
image/gif 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1610748901511&h=www.inc.com&e=p&u=42432
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jan 2021 22:15:01 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1808822
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
cf-request-id: 07a9b6d0850000d72990b00000000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: fea83bb3-001e-000f-6618-dbb837000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6122f3fa6ffad729-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK Cookie set dest5.html
mansueto.demdex.net/ Frame 4BE6 0
0 146ms
40ms Document
text/html 52.49.59.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mansueto.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.59.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: mansueto.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=20610313951091270323436209458189985455
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 13 Jan 2021 12:53:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=20610313951091270323436209458189985455;Path=/;Domain=.demdex.net;Expires=Wed, 14-Jul-2021 22:15:01 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 9xYLEuCRRGQ=
Content-Length: 2785
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YAIT5QAAABlKTRz6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=20610313951091270323436209458189985455
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAIT5QAAABlKTRz6

42 B
915 B

35ms
35ms

Image
image/gif

34.241.227.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAIT5QAAABlKTRz6

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.227.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v087-00e51fc11.edge-irl1.demdex.com 5.80.4.20201224153022 0ms (+2ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: k2ukoeIcTHo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YAIT5QAAABlKTRz6
Date: Fri, 15 Jan 2021 22:15:01 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 roboto-v20-latin-regular.woff2
one.mansueto.com/assets/fonts/roboto/ 15 KB
16 KB 163ms
163ms Font
application/octet-stream 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://one.mansueto.com/assets/fonts/roboto/roboto-v20-latin-regular.woff2
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14 /
Resource Hash

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 varnish
last-modified: Thu, 11 Jun 2020 17:15:09 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14
x-timer: S1610748902.793609,VS0,VE149
etag: "3d78-5a7d21a4a4dc8"
x-served-by: cache-ams21040-AMS
vary: Cookie
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15736
x-cache-hits: 0

GET
H2 200 heebo-v7-latin-700.woff2
one.mansueto.com/assets/fonts/heebo/ 17 KB
17 KB 308ms
308ms Font
application/octet-stream 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://one.mansueto.com/assets/fonts/heebo/heebo-v7-latin-700.woff2
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14 /
Resource Hash

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
via: 1.1 varnish
last-modified: Thu, 11 Jun 2020 17:19:13 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14
x-timer: S1610748902.804835,VS0,VE293
etag: "44c8-5a7d228d21ed7"
x-served-by: cache-ams21040-AMS
vary: Cookie
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17608
x-cache-hits: 0

GET
H2 200 heebo-v7-latin-regular.woff2
one.mansueto.com/assets/fonts/heebo/ 18 KB
18 KB 313ms
313ms Font
application/octet-stream 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://one.mansueto.com/assets/fonts/heebo/heebo-v7-latin-regular.woff2
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14 /
Resource Hash

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
via: 1.1 varnish
last-modified: Thu, 11 Jun 2020 17:19:14 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14
x-timer: S1610748902.805658,VS0,VE294
etag: "46dc-5a7d228dd61a7"
x-served-by: cache-ams21040-AMS
vary: Cookie
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18140
x-cache-hits: 0

GET
H2 200 roboto-v20-latin-700.woff2
one.mansueto.com/assets/fonts/roboto/ 15 KB
16 KB 318ms
318ms Font
application/octet-stream 151.101.193.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://one.mansueto.com/assets/fonts/roboto/roboto-v20-latin-700.woff2
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14 /
Resource Hash

Request headers

Origin: https://www.inc.com
Referer: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.bd66da7fba78a435d1a2148099950a8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
via: 1.1 varnish
last-modified: Thu, 11 Jun 2020 17:15:05 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.14
x-timer: S1610748902.806989,VS0,VE294
etag: "3dc8-5a7d21a07709a"
x-served-by: cache-ams21040-AMS
vary: Cookie
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15816
x-cache-hits: 0

GET
H2 200 0
www.inc.com/rest/mustreads/ 87 KB
25 KB 25ms
23ms XHR
application/json 151.101.13.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inc.com/rest/mustreads/0

Requested by

Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.e1e52578e9d9e7d1112e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
x-cacheable: YES
age: 6286
x-cache: HIT
x-by: 0932149ecf23da196:apache-proxy
geoip-latitude: 52.311
x-cache-hits: 1
geoip-postalcode: 1101
content-length: 24783
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-fra19164-FRA
access-control-allow-headers: X-Requested-With
last-modified: Fri, 15 Jan 2021 22:15:01 GMT
server: nginx
cache-control: max-age=7200
x-timer: S1610748902.866406,VS0,VE1
date: Fri, 15 Jan 2021 22:15:01 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
geoip-countryname: Netherlands
accept-ranges: bytes
geoip-city: Amsterdam
expires: Fri, 15 Jan 2021 22:30:14 GMT

GET
H2 200 navmenu
www.inc.com/rest/ 9 KB
2 KB 23ms
22ms XHR
application/json 151.101.13.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inc.com/rest/navmenu

Requested by

Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.e1e52578e9d9e7d1112e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
x-cacheable: YES
age: 309
x-cache: HIT
x-by: 0cc7f40058837425d:apache-proxy
geoip-latitude: 52.311
x-cache-hits: 1
geoip-postalcode: 1101
content-length: 1365
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-fra19164-FRA
access-control-allow-headers: X-Requested-With
last-modified: Fri, 15 Jan 2021 22:15:01 GMT
server: nginx
cache-control: max-age=0, s-maxage=600, stale-if-error=86400, stale-while-revalidate=30, store, must-revalidate, max-age=7200, post-check=0, pre-check=0
x-timer: S1610748902.866363,VS0,VE1
date: Fri, 15 Jan 2021 22:15:01 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
geoip-countryname: Netherlands
accept-ranges: bytes
geoip-city: Amsterdam
expires: Sat, 16 Jan 2021 00:09:52 GMT

GET
H2 200 privacy-popup-close-button.svg
www.incimages.com/dev/ 337 B
410 B 23ms
22ms Image
image/svg+xml 151.101.114.59
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.incimages.com/dev/privacy-popup-close-button.svg

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.59 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
etag: "36a07c6-151-5a0f9f7e93ff1"
x-cacheable: YES
age: 573949
x-cache: HIT
x-cache-hits: 22
content-length: 255
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 16 Mar 2020 14:52:30 GMT
server: Apache/2.2.15 (CentOS)
x-timer: S1610748902.866407,VS0,VE0
date: Fri, 15 Jan 2021 22:15:01 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=15552000
accept-ranges: bytes
expires: Thu, 08 Jul 2021 06:49:12 GMT

GET
H2 200 promotions
www.inc.com/rest/ 17 B
265 B 342ms
342ms XHR
application/json 151.101.13.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inc.com/rest/promotions

Requested by

Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.e1e52578e9d9e7d1112e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.54 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
x-cacheable: YES
age: 339
x-cache: MISS
x-by: 0cc7f40058837425d:apache-proxy
geoip-latitude: 52.311
x-cache-hits: 0
geoip-postalcode: 1101
content-length: 37
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-fra19164-FRA
access-control-allow-headers: X-Requested-With
last-modified: Fri, 15 Jan 2021 22:15:02 GMT
server: nginx
cache-control: max-age=0, s-maxage=600, stale-if-error=86400, stale-while-revalidate=30, store, must-revalidate, max-age=7200, post-check=0, pre-check=0
x-timer: S1610748902.866489,VS0,VE320
date: Fri, 15 Jan 2021 22:15:02 GMT
vary: Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
geoip-countryname: Netherlands
accept-ranges: bytes
geoip-city: Amsterdam
expires: Sat, 16 Jan 2021 00:09:22 GMT

GET
H2 200 launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 27ms
24ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 17:01:32 GMT
server: Apache
etag: "a253-5ab9781f71180-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Fri, 15 Jan 2021 22:30:01 GMT

POST
H2

200

/
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01EW41VEH4Q80B3XXMH55BX5GF&persistence=1&checksum=99286c679923c456c4219c2b2914cb078ead6e53cc15e18077b95088eb861376

173 B
487 B

21ms
21ms

XHR
application/json

35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01EW41VEH4Q80B3XXMH55BX5GF&persistence=1&checksum=99286c679923c456c4219c2b2914cb078ead6e53cc15e18077b95088eb861376

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty/1.11.2.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.inc.com
vary: Accept-Encoding
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

Redirect headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://www.inc.com
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://r.skimresources.com/api/?xguid=01EW41VEH4Q80B3XXMH55BX5GF&persistence=1&checksum=99286c679923c456c4219c2b2914cb078ead6e53cc15e18077b95088eb861376
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 0687 0
102 B 64ms
24ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8801883494302525
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 68ms
20ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=4.987345358087317
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 69ms
21ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=4.987345358087317
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 b-9a4f7ce-ca0aa685.js
tagan.adlightning.com/mansueto/ 63 KB
21 KB 30ms
29ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/b-9a4f7ce-ca0aa685.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 02:06:44 GMT
content-encoding: gzip
age: 590898
x-cache: Hit from cloudfront
content-length: 21264
x-amz-meta-git_commit: 9a4f7ce
last-modified: Tue, 22 Sep 2020 19:54:28 GMT
server: AmazonS3
etag: "a07eb597681a2f53ad41aef9c35a1223"
x-amz-version-id: k5G262J6xEBZcsYkd3anHjL8wvNIBVZS
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: bgTrwJvjEZVSqIAi7-4UlwWOIeR-6IOdQeo8v-tkDzBuRjbCjJxF7g==

GET
H2 200 bl-c29bca2-13c9605a.js
tagan.adlightning.com/mansueto/ 90 KB
27 KB 37ms
37ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/bl-c29bca2-13c9605a.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-12.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:09:53 GMT
content-encoding: gzip
age: 309
x-cache: Hit from cloudfront
content-length: 27195
x-amz-meta-git_commit: c29bca2
last-modified: Fri, 15 Jan 2021 22:09:30 GMT
server: AmazonS3
etag: "d8bf5569f677395c0718e9b731da7c84"
x-amz-version-id: yRjYNNNZfiB2j7FvTHAraozilAAnTEqv
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _0kZ_cnRCRljVe1ty_0UHgOpuMc1DTBM7J1li-5XrnlDKZ-FlYbbpg==

GET
H2 200 c=E6RJ_f=mint
ac.realvu.net/flip/2/ 21 KB
8 KB 95ms
29ms Script
application/javascript 65.9.58.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.realvu.net/flip/2/c=E6RJ_f=mint
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 21:43:38 GMT
content-encoding: gzip
server: nginx
age: 1883
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
x-amz-cf-pop: FRA56-C1
content-length: 7973
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-id: bVYlGjoQD_5FtGo2LdUVEbTKH54VgCa0tmTVay6e4UuvMtDxMnMG5w==
x-proxy-cache: HIT

GET
H2 200 js
www.googletagmanager.com/gtag/ 96 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38967
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:15:01 GMT

GET
H/1.1 200
OK z
lightboxapi.azurewebsites.net/z9gd/42432/www.inc.com/jsonp/ 539 B
785 B 572ms
131ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42432/www.inc.com/jsonp/z?cb=1610748901911&callback=jQuery171041537485718332046_1610748901475&_=1610748901912
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/55ecb6d7-3a26-4842-a19b-853a7835fd15/user.js?cb=637454671964650853
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 1132775723789114
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1132775723789114?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70518
x-fb-rlafr: 0
pragma: public
x-fb-debug: dAEILnWkRifbFPL06g/jx7qCtbnoweTEwPHQc3qg/6d8dlDdQM2pj1T7QWcStMNG0A10fHPnopgR471oMvtZ2w==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 15 Jan 2021 22:15:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1447968163
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2021010903.js
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 82ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H/1.1 200
OK queryly.v4.js
www.queryly.com/js/ 44 KB
9 KB 791ms
250ms Script
application/x-javascript 69.195.148.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.js?a1a
Requested by: Host: assets.inc.com
URL: https://assets.inc.com/_/inc/050c23a58ad49bf216c339ee283948da519f587d/app.e1e52578e9d9e7d1112e.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.195.148.66 Kansas City, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:14:54 GMT
Content-Encoding: gzip
ETag: "016c9a222e7d61:0"
Last-Modified: Sun, 10 Jan 2021 07:31:40 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 8575

GET
H2 200 i
pixel.keywee.co/ 43 B
294 B 326ms
100ms Image
image/gif 54.163.116.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1610748902009&e=pv&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&page=Login%20%7C%20Inc.com&tv=js-2.9.1&tna=cf&aid=1083&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=5d868844-8571-4ae8-88c6-fd323ac9f3e4&dtm=1610748902008&vp=1600x1200&ds=1600x1200&vid=1&sid=dfaa0143-f3ba-4758-956a-e0035e61324e&duid=fcec6d3c-405f-47c7-81fd-9af0e9982229&fp=606422418

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.163.116.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200 OK
date: Fri, 15 Jan 2021 22:15:02 GMT
x-content-type-options: nosniff
server: nginx/1.17.6
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 74ms
26ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 09:05:03 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 47400
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: GtAjbRF56fmQ9-_XflUFgW_6JGkpfHhRLn_ZS9xH_ISJ9XF3IOKeSA==

GET
H/1.1 200
OK utsync.ashx
ml314.com/ 644 B
1 KB 33ms
32ms Script
application/javascript 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50190&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&pv=1610748902025_1m3r4ozr1&bl=en-us&cb=2590988&return=&ht=&d=&dc=&si=1610748902025_1m3r4ozr1&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1502021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

GET
H/1.1 200
OK ud.ashx
in.ml314.com/ 20 B
482 B 515ms
200ms Script
application/javascript 35.168.139.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1502021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1502021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.139.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 16 Jan 2021 22:15:02 GMT

GET
H2 200 tinypass.min.js
cdn.tinypass.com/api/ 393 KB
123 KB 44ms
42ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com//xbuilder/experience/load?aid=AezVxbkgJt&ccb=b1a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 100
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 07a9b6d28e0000c2a9a730c000000001
wn: prod-dash-10-0-127-233
last-modified: Thu, 14 Jan 2021 11:20:02 GMT
server: cloudflare
etag: W/"401984-1610623202000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 6122f3fdb8ecc2a9-FRA
expires: Fri, 15 Jan 2021 22:20:02 GMT

POST
H2 200 s31280975924290
grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.0-LAWA/ 43 B
435 B 102ms
29ms XHR
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.0-LAWA/s31280975924290

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 15 Jan 2021 22:15:01 GMT
x-content-type-options: nosniff
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 16 Jan 2021 22:15:02 GMT
server: jag
xserver: anedge-75ffb878dc-s7v9t
etag: 3459056929792622592-4621825011481898622
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.inc.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 14 Jan 2021 22:15:02 GMT

GET
H/1.1 200
OK /
srv-2021-01-15-22.pixel.parsely.com/plogger/ 43 B
229 B 409ms
101ms Image
image/gif 3.213.50.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2021-01-15-22.pixel.parsely.com/plogger/?rand=1610748902054&plid=83003442&idsite=inc.com&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22ab%22%3A%22a%22%7D&sid=1&surl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&sref=&sts=1610748902050&slts=0&title=Login+%7C+Inc.com&date=Fri+Jan+15+2021+23%3A15%3A02+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=9516472&u=pid%3D21da31f7027ee4bbd0ac77e99bc702cc
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.50.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 298ms
99ms Image
image/gif 52.73.237.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=inc.com&p=https%3A%2F%2Fwww.inc.com%2F&u=BPRnKQD5LElAcJws7&d=inc.com&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1783&t=FsMWFKeTQ3wzO_CfhArDDD5cdI&V=121&i=Login%20%7C%20Inc.com&tz=-60&sn=1&sv=b4EA8Ci0lNeCSVcUlDqJfkj9URCV&sd=1&im=06672cf0&_
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.237.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 398 B
590 B 47ms
13ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=342
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.inc.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 398
expires: Fri, 15 Jan 2021 22:45:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=KWCEPV&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902159&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=PageView&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902161&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908965139191815&ev=PageView&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902164&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=PageView&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902165&sw=1600&sh=1200&v=2.9.32&r=stable&ec=2&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 dm.js
tag.durationmedia.net/sites/10443/ 87 KB
24 KB 35ms
15ms Script
application/javascript 2600:9000:2057:d400:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/10443/dm.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8W9XNi20xePoriMpCh8tVU2_tF4Z2xAH
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 22:12:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "29360b1854d8cd73b38f987423b0921e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cache-control: public,max-age=900
date: Fri, 15 Jan 2021 22:15:02 GMT
accept-ranges: bytes
content-length: 24465
x-amz-cf-id: 8-ednnE2GskQY-9bE1M6y74fESPcMROBDKjnS5BN-jizk0uLbtQvGg==

GET
H2 200 gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 317 KB
67 KB 22ms
22ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
content-length: 67671
last-modified: Mon, 07 Dec 2020 18:40:53 GMT
server: Apache
etag: "4f353-5b5e42a785424"
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ 96 KB
38 KB 45ms
32ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98096820-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38974
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ 96 KB
39 KB 44ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975200100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38988
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H3-Q050 200 js
www.googletagmanager.com/gtag/ 96 KB
38 KB 47ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972240864&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38989
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 22:15:02 GMT

POST
H2 200 page
t.skimresources.com/api/v2/ 22 B
337 B 24ms
23ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/122276X1582760.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.inc.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H/1.1 200
OK ibs:dpid=22052&dpuuid=3615981956513136642&redir=
dpm.demdex.net/ 42 B
915 B 37ms
36ms Image
image/gif 34.241.227.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3615981956513136642&redir=

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.227.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-227-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v087-05c84f922.edge-irl1.demdex.com 5.80.4.20201224153022 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 7iuzb5wVTJY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3615981956513136642
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNTk4MTk1NjUxMzEzNjY0MhAAGg0I5qeIgAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=7e9d53ba0375775ca9ccf817815908cddb3df7f9c5a9fbc6d971576ab4e29f79f4cb09cee1a4f8eb&person_id=3615981956513136642&eid=50082

43 B
312 B

32ms
32ms

Image
image/gif

34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=7e9d53ba0375775ca9ccf817815908cddb3df7f9c5a9fbc6d971576ab4e29f79f4cb09cee1a4f8eb&person_id=3615981956513136642&eid=50082
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:01 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 16 Jan 2021 17:15:02 GMT

Redirect headers

date: Fri, 15 Jan 2021 22:15:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=7e9d53ba0375775ca9ccf817815908cddb3df7f9c5a9fbc6d971576ab4e29f79f4cb09cee1a4f8eb&person_id=3615981956513136642&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

utsync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=11418b3d-7d1e-4659-95ef-e110fa284fe8

43 B
517 B

33ms
31ms

Image
image/gif

34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=11418b3d-7d1e-4659-95ef-e110fa284fe8
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:01 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sat, 16 Jan 2021 17:15:02 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=11418b3d-7d1e-4659-95ef-e110fa284fe8
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3615981956513136642
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3615981956513136642
https://ml314.com/csync.ashx?fp=afba6071ea25ec73d2c0383270a27b09&eid=50146&person_id=3615981956513136642

43 B
312 B

31ms
31ms

Image
image/gif

34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=afba6071ea25ec73d2c0383270a27b09&eid=50146&person_id=3615981956513136642
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 16 Jan 2021 17:15:02 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=afba6071ea25ec73d2c0383270a27b09&eid=50146&person_id=3615981956513136642
cache-control: no-cache
x-server: 10.45.14.116
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ 0
344 B 93ms
25ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK cx.cce.js
cdn.cxense.com/ 22 KB
6 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 08:45:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5872
Expires: Fri, 15 Jan 2021 23:15:02 GMT

GET
H2 200 logout
id.tinypass.com/id/api/v1/identity/ 0
854 B 131ms
121ms Script
text/plain 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/logout?callback=jQuery1124007737042844182662_1610748902200&client_id=AezVxbkgJt&_=1610748902201

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
content-length: 0
cf-request-id: 07a9b6d3d90000c2a937a87000000001
x-request-id: C2txzmqcTBI
pragma: no-cache
wn: prod-id-10-0-88-26
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.001
cf-ray: 6122f3ffcbdbc2a9-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 21:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6333
x-xss-protection: 0
server: cafe
etag: 400858902502590927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Jan 2021 22:20:04 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98096820-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2601
date: Fri, 15 Jan 2021 21:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 15 Jan 2021 23:31:41 GMT

GET
H2 200 conversion_async.js
www.googleadservices.com/pagead/ 30 KB
12 KB 32ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975200100&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12184
x-xss-protection: 0
server: cafe
etag: 16153075511613835353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 euconsent
api.conversant.mgr.consensu.org/ 120 B
316 B 90ms
63ms XHR
application/json 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10170&cmpVersion=3.2.6&c=14066649695
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.inc.com
date: Fri, 15 Jan 2021 22:15:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200 scriptloaded
be.durationmedia.net/ 0
569 B 411ms
102ms Fetch 3.225.38.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=10443

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10443/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.38.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:02 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Origin: https://www.inc.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 verify
id.tinypass.com/id/api/v1/identity/token/ 196 B
608 B 120ms
120ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery1124007737042844182662_1610748902202&client_id=AezVxbkgJt&token=&site=https%3A%2F%2Fwww.inc.com&_=1610748902203

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 07a9b6d3e50000c2a97d2ff000000001
x-request-id: C2txzmqsTEd
pragma: no-cache
wn: prod-id-10-0-81-96
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.002
cf-ray: 6122f3ffdbf3c2a9-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cx.js
cdn.cxense.com/ 102 KB
25 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 10:05:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24840
Expires: Fri, 15 Jan 2021 23:15:02 GMT

GET
H3-Q050 200 /
www.googleadservices.com/pagead/conversion/972240864/ 2 KB
2 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972240864/?random=1610748902413&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1197
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200100/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200100/?random=1610748902419&cv=9&fst=1610748902419&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/975200100/ 42 B
292 B 20ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200100/?random=1610748902419&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&async=1&fmt=3&is_vtc=1&random=2951883432&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/975200100/ 42 B
530 B 48ms
33ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975200100/?random=1610748902419&cv=9&fst=1610748000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&async=1&fmt=3&is_vtc=1&random=2951883432&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/972240864/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
66 B

23ms
22ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5hMCYM6EG4qSrASWxJjQAw&cid=CAQSKQCNIrLMtIM9qGf-3R8LAxUggSjtzuVLK7xMZVAd_JES4B56QyLiLhqH&random=3097641232&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/972240864/?random=106791827&cv=9&fst=1610748902413&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&tiba=Login%20%7C%20Inc.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5hMCYM6EG4qSrASWxJjQAw&cid=CAQSKQCNIrLMtIM9qGf-3R8LAxUggSjtzuVLK7xMZVAd_JES4B56QyLiLhqH&random=3097641232&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 215 KB
30 KB 68ms
24ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
content-length: 30770
last-modified: Thu, 14 Jan 2021 16:15:01 GMT
server: Apache
etag: "35ab0-5b8de8ece3d6a"
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

POST
H2 200 execute
experience.tinypass.com/xbuilder/experience/ 7 KB
3 KB 129ms
129ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=AezVxbkgJt

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 07a9b6d4860000c2a9b1000000000001
x-request-id: C2txzmqN5ua
pragma: no-cache
wn: prod-exp-10-0-124-36
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.inc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6122f400dd53c2a9-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 event
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
117 B 89ms
63ms XHR
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.inc.com
date: Fri, 15 Jan 2021 22:15:02 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 269 KB
73 KB 29ms
29ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
content-length: 74208
last-modified: Mon, 07 Dec 2020 18:40:53 GMT
server: Apache
etag: "435c5-5b5e42a785fdb"
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 3 KB
1 KB 34ms
33ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
content-length: 939
last-modified: Mon, 07 Dec 2020 18:40:53 GMT
server: Apache
etag: "bc0-5b5e42a786f7c"
access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

POST
H2 204 event
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
116 B 65ms
65ms XHR
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.inc.com
date: Fri, 15 Jan 2021 22:15:02 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=Microdata&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902715&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20%7C%20Inc.com%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Login%20%7C%20Inc.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.inc.com%2Flogin%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22Inc.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=3&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908965139191815&ev=Microdata&dl=https%3A%2F%2Fwww.inc.com%2Flogout%3Fret%3Dhttp%253A%252F%252Fklukvaint.obrazovanie46.ru%252Fbur%252F&rl=&if=false&ts=1610748902717&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20%7C%20Inc.com%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Login%20%7C%20Inc.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.inc.com%2Flogin%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22Inc.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610748902157.1787393802&it=1610748901398&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 Jan 2021 22:15:02 GMT

GET
H/1.1 200
OK whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 132ms
131ms Image
image/png 69.195.148.66
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.inc.com
URL: https://www.inc.com/logout?ret=http%3A%2F%2Fklukvaint.obrazovanie46.ru%2Fbur%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.195.148.66 Kansas City, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:14:54 GMT
Last-Modified: Thu, 11 Jun 2020 23:20:57 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "d7046f64640d61:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 816

GET
H2 200 /
zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 56 KB
17 KB 79ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2t6mDnUjRUuS8jH

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164039
cf-polished: origSize=58381
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 07a9b6d62f00004c0757b47000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"e40d-Km5PybmwS7EUvVV8NaR243ssseo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 6122f4037c4f4c07-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 132 B
424 B 144ms
142ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2t6mDnUjRUuS8jH&Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com
URL: https://zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2t6mDnUjRUuS8jH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Jan 2021 22:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.inc.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6122f403dd3e4c07-AMS
vary: Accept-Encoding
cf-request-id: 07a9b6d66c00004c075f0ae000000001

GET
H/1.1 200 lb
be.durationmedia.net/ 0
569 B 105ms
105ms Fetch 3.225.38.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/lb?s=10443&t=SD&c=1

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10443/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.38.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 22:15:05 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Access-Control-Allow-Origin: https://www.inc.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 s3245209929802
grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.0-LAWA/ 43 B
211 B 30ms
30ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.0-LAWA/s3245209929802?AQB=1&ndh=1&pf=1&t=15%2F0%2F2021%2023%3A15%3A11%205%20-60&mid=20513484855324160303405361223583784393&aamlh=6&ce=UTF-8&pageName=inc%3Amissing&g=https%3A%2F%2Fwww.inc.com%2F%3Funtracked%3Dhttps%3A%2F%2Fwww.inc.com%2Flogout&cc=USD&ch=Inc.&server=inc-node&v0=unspecified&events=event8&c1=D%3Dv1&v1=Inc.&h1=inc.%2CInc.%2C%2C&c2=D%3Dv2&c3=D%3Dv19&c4=D%3Dv4&v4=inc%3Amissing&c5=https%3A%2F%2Fwww.inc.com%2F%3Funtracked%3Dhttps%3A%2F%2Fwww.inc.com%2Flogout&v6=inc.&c7=D%3Dv5&v8=inc.&c10=D%3Dv8&v10=inc-default-id&c11=D%3Dv11&v11=Inc.%20Editor&c13=D%3Dv28&v16=true&c17=D%3Dv43&v17=1&c18=D%3Dv43&c24=D%3Dv10&c25=D%3Dv6&v27=https%3A%2F%2Fwww.inc.com%2F%3Funtracked%3Dhttps%3A%2F%2Fwww.inc.com%2Flogout&c28=D%3Dv66&v28=1&v29=NoProfileID&c30=D%3Dv72&c32=unknown&v33=staff&v34=-1&c36=D%3Dv34&v43=none&v44=D%3Dv43&c45=D%3Dv79&v49=5&c62=D%3Dv62&c63=D%3Dv94&c68=D%3Dv61&c69=D%3Dv62&c70=D%3Dv63&v79=Login%20%7C%20Inc.com&v94=1&v96=-1&v101=1995-11-01&pe=lnk_o&pev2=Engaged%20PageView&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=283B366E5AFAA4490A495E0C%40AdobeOrg&lrt=138&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 22:15:11 GMT
x-content-type-options: nosniff
x-c: main-1414.Id04486.M0-474
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 16 Jan 2021 22:15:11 GMT
server: jag
xserver: anedge-75ffb878dc-5b59v
etag: 3459056949456535552-4621778719251275610
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 14 Jan 2021 22:15:11 GMT

GET
H/1.1 200
OK imsync.ashx
ml314.com/ 17 B
427 B 32ms
32ms Script
text/html 34.251.167.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=3615981956513136642&data=eyJwaCI6MTIwMCwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNjEwNzQ4OTAyMDI1XzFtM3I0b3pyMSIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1502021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-167-52.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 22:15:16 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 101ms
101ms Image
image/gif 52.73.237.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=inc.com&p=https%3A%2F%2Fwww.inc.com%2F&u=BPRnKQD5LElAcJws7&d=inc.com&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1783&t=FsMWFKeTQ3wzO_CfhArDDD5cdI&V=121&tz=-60&sn=2&sv=b4EA8Ci0lNeCSVcUlDqJfkj9URCV&sd=1&im=06672cf0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.237.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 22:15:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 3) Message: >>>>>>Piano Meter INCREMENT<<<<<<<<
console-api	log	(Line 3) Message: >>>>>>Piano Metered Journey START<<<<<<<<

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac.realvu.net
api.conversant.mgr.consensu.org
assets.adobedtm.com
assets.fastcompany.com
assets.inc.com
be.durationmedia.net
c.amazon-adsystem.com
cd.connatix.com
cdn.conversant.mgr.consensu.org
cdn.cxense.com
cdn.keywee.co
cdn.parsely.com
cdn.polyfill.io
cdn.tinypass.com
cds.connatix.com
cm.everesttech.net
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
experience.tinypass.com
googleads.g.doubleclick.net
grunerandjahr.112.2o7.net
id.tinypass.com
idsync.rlcdn.com
in.ml314.com
lightboxapi.azurewebsites.net
mansueto.demdex.net
match.adsrvr.org
mb.moatads.com
ml314.com
one.mansueto.com
p.skimresources.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.keywee.co
proc.ad.cpe.dotomi.com
ps.eyeota.net
px.moatads.com
r.skimresources.com
s.skimresources.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
srv-2021-01-15-22.pixel.parsely.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.skimresources.com
tag.durationmedia.net
tagan.adlightning.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.inc.com
www.incimages.com
www.lightboxcdn.com
www.npttech.com
www.queryly.com
z.moatads.com
zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com
104.111.219.144
104.111.247.126
104.17.209.240
13.35.255.237
142.250.74.194
143.204.214.185
143.204.215.12
15.237.76.117
151.101.113.54
151.101.114.137
151.101.114.59
151.101.12.157
151.101.13.54
151.101.193.54
151.101.194.137
151.139.128.11
172.217.16.130
2.18.235.40
20.40.202.0
23.37.53.17
2600:9000:2057:d400:10:ce97:9fc0:93a1
2600:9000:206f:9000:e:ec66:e40:93a1
2606:4700::6810:4da5
2606:4700::6811:b7b1
2606:4700:e0::ac40:6704
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81c::2002
2a00:1450:400c:c00::9d
2a02:26f0:1700:498::268b
2a02:26f0:eb:390::1e80
2a02:26f0:eb:3b1::19fd
2a02:26f0:eb::214:bdd3
2a02:fa8:8806:13::1460
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
3.125.70.222
3.213.50.82
3.225.38.72
34.120.207.148
34.241.227.67
34.251.167.52
34.253.102.121
34.253.145.149
35.168.139.27
35.190.59.101
35.190.91.160
35.201.67.47
52.217.99.142
52.49.190.28
52.49.59.93
52.73.237.132
54.163.116.114
54.72.52.19
65.9.58.118
69.195.148.66
99.86.5.213
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2a8ac8fc91d686353ef48b2fe4ffea742f32e664e786810c4d5f59feef9e9aa9
2dc76e4fe5928089997a62ff369e65385bdd723fed60cb3e2cf9e75147355359
370e8e3735b01fd02fbe8e23bcd5d1904a4d640a53ab9d98f056ce2a482fee7d
40026522ccc3a54d113eccee6a55ab2071d15e0da3a91d68622a1683dfd0f58a
4e772b81a8ad3cc8f394d8c9adef4e6ffe30693244e80ce1d2144ac871a6b7bc
4f4a7f4884577bd3a93526ced14696957e357f181278dafe9c766c7d1ab1fc0c
5e00ff250c3893cc059009a099e84b493528bf6ee7bfa5f48d7564d81bad6da4
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b53b0803e3f406d68624144a6df2e11afecf25db89178b0f94b16a7f1675166
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7b0236966117fd76b61e81ec439b64aa726f70b98b2ac2cd71b6f6e90cd1c381
8308acc1c14ed982c094ff022109168202dbfa2b10ad8d01871f21e5de5c1827
8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976
85f410b417afe9d4669ad814a4f03e662f4ab6168144694faedf7f332275307f
9517437331f4bce7dd1cb91d0bf4083bab59a49b424e751e82561db8f367c404
9b0bc9db1ee6d17f92fd9f0f3a536f3b62a01a1fff913fa1555f08d40c978802
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3556d5f8e76ec0814c42cd888745353e9ccd932137b842c45840861c8c3c43f
a5f5e7161217a6a3290b3a429fd0f8e6528f4683accebd3849b938ac02418f39
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
bd175c2a42681d098607b1ac4d8803ff784679be35f25b6a1d87d05fa7f0a2ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
efaa8d7751913fa5bb57d78e2bf70b533f0b2cb798da7949da81edcc8c3b388c
f5fa155d6255d27071255802f89607b32018e797ee5a10c579b8654a11c36a2c
faa4ba7e1e2fcddd6c0b5ad1e56eb1520988c5fe15c51e646326cb50b6699daa

www.inc.com Open in urlscan Pro 151.101.13.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

122 Requests

100 %HTTPS

35 %IPv6

49 Domains

69 Subdomains

57 IPs

8 Countries

2955 kBTransfer

10690 kBSize

0 Cookies

0 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.inc.com Open in urlscan Pro
151.101.13.54 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

100 %
HTTPS

35 %
IPv6

49
Domains

69
Subdomains

57
IPs

8
Countries

2955 kB
Transfer

10690 kB
Size

0
Cookies

122 HTTP transactions
0 data transactions